WinXP Security Flaw
Many readers have submitted word of the newest security hole in Windows XP. joshjs, for instance, writes: "Don't know if this is common knowledge at this point or not, but apparently some security researchers discovered that Windows XP's universal plug and play features contain a huge security flaw: 'A Microsoft official acknowledged that the risk to consumers was unprecedented because the glitches allow hackers to seize control of all Windows XP operating system software without requiring a computer user to do anything except connect to the Internet. ... Microsoft made available on its Web site a free fix for both home and professional editions of Windows XP and forcefully urged consumers to install it immediately.' Read more at the Washington Post's story." No OS is perfectly secure, but I bet a lot of new XP owners won't be too happy about this. Update: 12/20 20:05 GMT by T : fcrick submits a link to the same AP story at Wired, and several readers have pointed out that a patch is available. Update: 12/20 21:31 GMT by T : And as banuaba writes: "This hole also affects versions of 98 with XP File sharing installed and all versions of ME."
Plug your XP box to the internet and pray for the hackers not to find it.
Pedro Côrte-Real.
It's not really Microsoft's fault, if this guy would've stayed quiet then WinXP would still be secure today.
"Oh, you wanted a DOOR to hang that lock on.... Sure, I guess we could do that..."
"This is the first network-based, remote compromise that I'm aware of for Windows desktop systems," said Scott Culp, manager of Microsoft's security response center."
This speaks for itself
Burn Hollywood Burn
"What rock has he been smoking" is perhaps more appropriate.
cat
Now Windows XP offers strong security to home computer users through Internet Connection Firewall protection, which makes your information, computers, and family data safer from intruders as soon as you start using Windows XP.
I guess that helped a lot.
"I don't know half of you half as well as I should like, and I like less than half of you half as well as you deserve."
"Over four hours without a remote hole in the default install!"
Oh the fun you could have with BackOrificeXP right now... User tries to get patch, Evil haX0r-d00d shoots out a pop-up and mp3: a little Strauss music and a MsgBox reading, "I don't think I can let you do that, Dave."
woof.
[1] As opposed to that Win95 "fix" they called Win98 that you had to pay for.
How do you forcefully urge people?
And the "XP Dramatically More Secure" article from a few months ago:
http://www.eweek.com/article/0,3658,s%253D701%2526 a%253D16895,00.asp
Quoting Jim Allchin is fun:
D'oh...