Most Popular
| Top Stories | Commented | Featured |
TechSpot Blog: Disable Windows automatic check for solutions after a program crashes featured
Weekend Open Forum: Google Chrome OS and the future of cloud computing featured
Tech Tip of the Week: Unearth Region-Specific Windows 7 Themes featured
Sony: PlayStation 3 to be 3D-capable via firmware update
Weekend tech reading: How to run Chrome OS as a virtual machine
Facebook named third most popular video website behind YouTube and Hulu
Details of Intel's 32nm Atom emerge, on track for 2011
iSuppli: DDR3 to account for over half of DRAM shipments by Q2 2010
TechSpot RSSInformation Technology
New vulnerability in Windows XP published
A new vulnerability (but not newly discovered) has been published for Windows, this time only affecting Windows XP. Fully patched SP2 XP machines are apparently vulnerable in two libraries via the same flaw, by causing a buffer overflow that could lead to code execution. As the majority of flaws we hear about are similar in nature, it's really not surprising at all.
Secunia has rated the flaw as moderately critical, as the flaw requires software written in such a fashion that exploitation is possible. Microsoft does not yet have a security bulletin. The only interesting note about the flaw to me was a list of the some affected software, such as HP's Photo & Imaging Gallery and their All-In-One Series Web Release Software.
What is sad about this case is that the actual bug was apparently reported to Microsoft in June, several times, with no response offered other than “this is not an important issue”. As the flaw is still not fixed, security companies have chosen to publish it and offered details on its nature... perhaps to force Microsoft's hand.
Secunia has rated the flaw as moderately critical, as the flaw requires software written in such a fashion that exploitation is possible. Microsoft does not yet have a security bulletin. The only interesting note about the flaw to me was a list of the some affected software, such as HP's Photo & Imaging Gallery and their All-In-One Series Web Release Software.
What is sad about this case is that the actual bug was apparently reported to Microsoft in June, several times, with no response offered other than “this is not an important issue”. As the flaw is still not fixed, security companies have chosen to publish it and offered details on its nature... perhaps to force Microsoft's hand.
Related Stories
