TechSpot

Over 10,000 XP machines attacked by unpatched vulnerability

By Matthew
Jul 1, 2010
  1. Users of Windows XP may want to double down on security until Microsoft deals with a recently identified flaw (CVE-2010-1885). A Google engineer found the hole last month and at first, Microsoft said it only saw "legitimate researchers testing innocuous proof-of-concepts" – but it didn't take long for malicious hackers to prey on the vulnerability.

    Read the whole story
     
  2. With this issue and the Conficker or Downadup Worm of rescent past, it may pay for Microsoft to start investigating their own workforce. The word gets on the streets too quickly for this to be some anonymous prankster. It seems as soon as a vulnerability is discovered, there is something there to take advantage of it.
     
  3. Kibaruk

    Kibaruk TechSpot Paladin Posts: 2,514   +503

    @Guest: That is a really stupid comment.

    You know there are groups, even contests where normal people get paid to breach or find bugs for their software? You really think that microsoft knowing of the flauds would just put it out so they get bad reputation (They DO care believe it or not, specially with all the cheers open-source is getting nowadays)?
     
  4. Darkshadoe

    Darkshadoe TS Guru Posts: 571   +112

    @Kilbaruk

    Guest's response isn't stupid at all. It is quite possible Microsoft could put a virus out there to try to get people to switch to Win7. They aren't making money off of Xp anymore and its not like any company never resorted to dirty tactics to increase profit. Until the facts are known, all any of us can do is guess what happened. It could be a disgruntled MS employee for all we know.
     
  5. Really! You think that all the employees at Microsoft, some 30-40,000 employees are so satisfied with their job that they wouldn’t dream of moonlighting or, even sabotage? Be for real. I’m certain that there is at least one who thinks they can teach someone a little something about security in the Microsoft line of software. Like I said before, the word of the XP vulnerability was out with code to take advantage of this within a month of its discovery. How long has XP been out? Since October 2001, XP has been available and just now they discover this. And within the month, the code is out to take advantage of it. Same thing applies with the Conficker Worm. Microsoft discovered a flaw in their code and thus, came up with the update MS08-067 to patch it. Well, the Conficker Worm arrived on the scene just as the patch was put out. While the antivirus gurus were doing battle with this worm; with the help of Microsoft, they discovered that it was encrypted with 512-bit encryption. When the author of the Worm realized that they were on to his code, it was changed to MD6 encryption which was still incomplete and still in experimental stage and it uses 4096 bit encryption. So, all I am saying is someone at Microsoft may be a little disgruntled or leaking it out or, they have some shady accomplices and maybe Microsoft should look into it.
     
  6. raybay

    raybay TS Evangelist Posts: 7,241   +9

    Right. It only takes one.
     
  7. @ Guest: Maybe it's you? LOL Sorry couldn't resist.
     
  8. tengeta

    tengeta TS Enthusiast Posts: 612

    10,000 machines? Seems less than the iPad issue, but thats just me, a Microsoft fanboy.
     
  9. Reloader2

    Reloader2 TS Rookie Posts: 66

    @Guest you watch to many films...
     
  10. DP9225

    DP9225 TS Rookie

    And you look at the world through rose colored lenses.
     
  11. Kibaruk

    Kibaruk TechSpot Paladin Posts: 2,514   +503

    Indeed... seems like you watch too many films...

    So, if they have to change from their OS and costumers are not satisfied with Microsoft, what makes you think they will go and pay more money for another Windows when they can easily switch to some linux distro like Ubuntu, most (Most as the other huge percent of population who only use computers to check mail, the web, and so) of computer users don't even need that much, specially with Chrome OS comming microsoft needs to be at peace with customers.

    To those who think in 1 people making a bug so everyone gets screwed... think in Betas, in RC, and all the other stages that are before them. Too many films...
     
  12. TJGeezer

    TJGeezer TS Enthusiast Posts: 385   +10

    I like to blame the movies too. In fact, it's probably all Mel Gibson's fault. Him, or all those teenage immigrant welfare mothers on drugs.

    Seriously, I doubt Microsoft would intentionally put out bugs that could cause its users all kinds of grief. What's a little harder to explain is why, after trumpeting its own hard focus on system and data security for so song, Microsoft classified the bug as a proof of concept nothing, no problem here, move along folks, for a whole month. And now that the horse is out, it's scrambling to shut the barn door. Don't see how that makes any kind of sense.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...