WinXP Security Flaw

Many readers have submitted word of the newest security hole in Windows XP. joshjs, for instance, writes: "Don't know if this is common knowledge at this point or not, but apparently some security researchers discovered that Windows XP's universal plug and play features contain a huge security flaw: 'A Microsoft official acknowledged that the risk to consumers was unprecedented because the glitches allow hackers to seize control of all Windows XP operating system software without requiring a computer user to do anything except connect to the Internet. ... Microsoft made available on its Web site a free fix for both home and professional editions of Windows XP and forcefully urged consumers to install it immediately.' Read more at the Washington Post's story." No OS is perfectly secure, but I bet a lot of new XP owners won't be too happy about this. Update: 12/20 20:05 GMT by T : fcrick submits a link to the same AP story at Wired, and several readers have pointed out that a patch is available. Update: 12/20 21:31 GMT by T : And as banuaba writes: "This hole also affects versions of 98 with XP File sharing installed and all versions of ME."

Oh really

[rbgaynor]

"This is the first network-based, remote compromise that I'm aware of for Windows desktop systems," said Scott Culp, manager of Microsoft's security response center.

Obviously Scott doesn't read /.

How Does Microsoft Expect to Stay in Business?

[portege00]

First there's the licensing stuff, which is obnoxious and Orwellian, then there was the TCP/IP vulnerability, and now THIS!?

So, basically, you pay more for an OS that's completely insecure and Microsoft gets to keep track of you. Linux, anyone?

"... most secure ever ..."

[Lumpish+Scholar]

Microsoft's newest version of Windows, billed as the most secure ever, contains several serious flaws that allow hackers to steal or destroy a victim's data files across the Internet or implant rogue computer software.

I wonder what their least secure version allows?-)