Saturday, November 13, 2004

Ten SP2 flaws leave XP users open to hackers

Yipes Microsoft XP SP2 has some flaws too . Microsoft Surely is gonna come out with patches for it.

Security researchers claimed today that millions of Microsoft customers are at risk from 10 serious security vulnerabilities uncovered in Windows XP patched with Service Pack 2 (SP2).

By exploiting all the vulnerabilities discovered in SP2 by security firm Finjan, attackers could "silently and remotely" take over an SP2 machine when the user simply browses a web page.

Finjan claimed that hackers could also switch between Internet Explorer security zones to obtain rights of local zone Internet Explorer users.

This could make it possible to elevate the privilege level of mobile code downloaded from the internet, thereby allowing the remote code to read, write and execute files on the user's hard drive.

According to Finjan, hackers could also bypass XP SP2's notification mechanism on the download and execution of .exe files, and therefore download files without any warning or notification.

you can read more on it at ittoolbox site here.


Post a Comment

<< Home