Windows XP SP2 has serious security hole

Status
Not open for further replies.

Phantasm66

Two stories in a row? SP2 seems to be on everyone's minds lately. Probably because we waited so long for it. But it looks like there is a serious security problem.

The feature that has the hole is the Windows Security Center which displays the status of the key elements of your defenses: Firewall, Updates, and Antivirus. That's good, you say. And it is. But what's not good is that it appears that the Windows Management Instrumentation (WMI) which manages the database of these conditions could be spoofed, meaning that a user could think that their PC was secure, when in fact it was not. Microsoft have yet to issue a statement on the matter.
 
I don't understand how people are still using an OS like MS Windows XP. It's a bunch of crap! It uses a LOT of hardware resources only to show "pretty colours and that kind of crap".
And to top it off, what is supposed to fix security problems now comes with a problem itself!!
Microsoft is joking, right? It's a joke, right? Right!!!??
Microsoft, impale yourself.
I've always recommended Linux, or maybe Win98/2000.

- Watch your language on these forums
Didou
 
Obviously your OS of choice isn't advanced enough to include applications with spelling and grammar checking capabilities.

Dude, count to ten and take a deep breath.... :p
 
Originally posted by Tutuca
It's a joke, right?

I've always recommended Linux, or maybe Win98/2000.

I don't know what's worse, the fact that he made such cliche statements like "I recommend Linux..." or the fact that he bashed XP/MS to later end his post recommending Win98 and yes, Win2K, which was what XP was based on. LOL LOL

This is the kind of post that makes you wish forums like these quizzed their members before joining.
 
Some people still prefer Windows 2000 over Windows XP, even though they are based on the same kernel.

2K has "lower" system requirements & a few security points above XP.
 
Well, I'm not very surprised to say the least...

Why is anyone? I'm still a happy Win2K user, and yes GNU/Linux is a pretty secure system, however I find just the plain Linux to be quite lacking compared to 2K/XP :D
 
This is news? Surely everybody *knew* there'd still be gaping holes after SP2 came out.
 
LOL...wait until these hackers start tearing holes in Linux....then what are you guys going to cry about?

XP rules.
 
Here's what a friend of mine had to say about this.........

"'I'd be extremely surprised if a malicious program could exploit the security center through WMI. WMI objects do have access controls on them, not just any process can access a WMI object like those used in the security center unless the objects are designed to be open like that.

They do make an interesting point though, if the WMI objects for WSC *are* open, then yes, it'd be easy for a program to watch for when the system protection level drops down (if ever?). They're correct that antivirus or intrusion detection systems don't watch WMI accesses (at least none that I've worked with). So it would be a "low and slow" method for a bad program to watch and wait for an opportunity.

Regardless, a malicious process would have to be started by you, so you'd have to be already vulnerable to a virus or be tricked into starting the process under your security context. It would also be interesting to see if the user has access to the WMI objects or if a system process has to access them for you.

I'm going to send the link to a couple of people at MS and see what they have to say.

EDIT:

DOH! Right after I emailed a friend at MS, I read the follow up article:

"To spoof the Windows Security Center WMI would require system-level access to a PC. If the user downloads and runs an application that would allow for spoofing of Windows Security Center, they have already opened the door for the hacker to do what they want. In addition, if malware is already on the system, it does not need to monitor WSC to determine a vulnerable point of attack, it can simply shut down any firewall or AV service then attack – no WSC is necessary"

So like I said, you have to execute the malware to give it the proper access. The article is saying that putting all the security status information in an easily accessible form is a problem. Normal users want such information in an easily accessible form. Sometimes you can't win."
 
Originally posted by MYOB
Nothing. I don't use Linux. Or XP.

What do you use then? Mac?

Originally posted by Unregistered
I find just the plain Linux to be quite lacking

What do you consider 'plain' Linux? 'Plain' Linux would be just a Kernel, and you can't do much with that. What people think of as Linux is the 'Linux Distribution' which includes a load of other open source software. Which distros have you tried anyway? Sounds to me like you either tried Linux way way way back in the day or you were using a minimalist distro. Minimalist distros are only good for high performance scientific calculations and servers because it cuts out a lot of the 'frills and lace' overhead so it can get the job done quicker (which Windows has no capability of doing). Would you go to work at a construction site in an Armani suit? The GUIs available for Linux can even be customized to look and work like anything that exists (Windows, Mac OS, etc...) or anything you can dream of.
 
Did anyone bother to take note in the article that they have made proof of concept code? Look at figure two and the paragraph describing it.
 
What do you consider 'plain' Linux? 'Plain' Linux would be just a Kernel, and you can't do much with that. What people think of as Linux is the 'Linux Distribution' which includes a load of other open source software. Which distros have you tried anyway? Sounds to me like you either tried Linux way way way back in the day or you were using a minimalist distro. Minimalist distros are only good for high performance scientific calculations and servers because it cuts out a lot of the 'frills and lace' overhead so it can get the job done quicker (which Windows has no capability of doing). Would you go to work at a construction site in an Armani suit? The GUIs available for Linux can even be customized to look and work like anything that exists (Windows, Mac OS, etc...) or anything you can dream of.
I was being ironic, sorry, I have used Debian/Knoppix and Red Hat
 