also @ TechSpot: Asus Crosshair III Formula motherboard review

Most Popular

Top Stories  Just in   Featured 

11 awesome applications you've never heard of  featured

Microsoft to offer three-user Windows 7 Family Pack?

Apple issues advice on iPhone 3GS overheating

Firefox 3.5 breaks 5 million downloads in 24 hours

2K Games offers "Huge Game Pack" on Steam for $54

Fallout 3 gets 50% price cut on Steam this weekend

Psystar emerges from bankruptcy with new hardware

Apple dumping Nvidia graphics on future Macs?

More Top Stories

Downloads & Drivers

Downloads   Drivers  

Zortam Mp3 Media Studio 9.40

Xplorer2 Lite 1.7.2.7

DVD Flick 1.3.0.7

McFunSoft Audio Editor 6.7.13.7

FileZilla 3.2.6.1

More Downloads

TS Community

Recent Discussion   User Gallery  

Secure file and print sharing

Found 2 gems to make XP look better than Vista

Windows Explorer will not load automatically

Urgent help needed - Comp won't reach POST, just shuts down

Installing new memory

More at the Forum

Subscribe

Newsletter Our Feeds

Receive weekly updates on new articles, news and contests in your mail!

Email address:

Information Technology

New vulnerability in Windows XP published

By Justin Mann, TechSpot.com
Published: September 19, 2007, 1:15 PM EST
A new vulnerability (but not newly discovered) has been published for Windows, this time only affecting Windows XP. Fully patched SP2 XP machines are apparently vulnerable in two libraries via the same flaw, by causing a buffer overflow that could lead to code execution. As the majority of flaws we hear about are similar in nature, it's really not surprising at all.

Secunia has rated the flaw as moderately critical, as the flaw requires software written in such a fashion that exploitation is possible. Microsoft does not yet have a security bulletin. The only interesting note about the flaw to me was a list of the some affected software, such as HP's Photo & Imaging Gallery and their All-In-One Series Web Release Software.

What is sad about this case is that the actual bug was apparently reported to Microsoft in June, several times, with no response offered other than “this is not an important issue”. As the flaw is still not fixed, security companies have chosen to publish it and offered details on its nature... perhaps to force Microsoft's hand.

Related Stories

Post a comment
RSS