Slashdot Mirror

← Back to Stories (view on slashdot.org)

XP2 Spotted In The Wild

Posted by michael on from the watch-out-or-it'll-chew-you-up dept.

LostCluster writes "WinXP SP2 has just been released to the public via Automatic Update, but eWeek and PC Magazine are together reporting that Windows XP SP2's 'Windows Security Center' is just about as insecure as it could possibly be. According to them, any program (including ActiveX controls) can access and edit the Windows Management Instrumentation database, and therefore spoof the security status of an insecure box to report that it is properly secured."

23 of 634 comments (clear)

  1. Clippy.exe is eeevvviiilll by Anonymous Coward · · Score: 5, Funny

    any program can access and edit the Windows Management Instrumentation database

    That MF'ing Clippy.exe in MS Word better stop accessing my Instrumentation database or I'll punch that SOB into the middle of next week. Really any program can access and edit the Windows Management Instrumentation database; I knew solitrae and tetris and an altier motive.

  2. No problem here! by GroovBird · · Score: 5, Funny

    My box says it's insecure! So therefor, I can't possibly have some spoofing ActiveX control thingie, can I?

  3. SP2 - as secure as any linux distro... by BobRooney · · Score: 5, Funny

    if every user were root.

  4. Internet Meltdown Predicted for Today by Cocodude · · Score: 5, Funny

    So this is what the Internet Meltdown Predicted for Tomorrow article was referring to!

  5. That's ok by Bricklets · · Score: 5, Funny

    According to them, any program (including ActiveX controls) can access and edit the Windows Management Instrumentation database, and therefore spoof the security status of an insecure box to report that it is properly secured."

    That's ok. MS probably wants it to be easy to use so that everyone can use it. ;)

    --
    Little Bricklets
  6. Re:Scary stuff. by iainl · · Score: 2, Funny

    Cool! Now I can justify buying a replacement mouse on the grounds that a working wheel is a "Security Feature".

    --
    "I Know You Are But What Am I?"
  7. Re:Leopard? by lucabrasi999 · · Score: 5, Funny
    Sounds like some sort of leopard in the jungle, if you ask me.

    Cue Marlin Perkins (of the old Mutual of Omaha Wild Kingdom shows):

    MP: "Today, we are going to find and capture the elusive XP2 Leopard. My associate, Jim, is armed with a toe-nail clipper and a badminton raquet. Jim, why don't you start marching down that trail over there? I'll be back at the truck with the cameraman and a bottle of scotch."

  8. Send in the Rovers by MikeMacK · · Score: 5, Funny
    Based on an anonymous tip, PC Magazine looked into the WMI and the Windows Security Center's use of it, and found that it may not only be a security hole, but a crater.

    Maybe MS could get NASA to send a few rovers in there to see what they can find out.

  9. Re:Scary stuff. by uss_valiant · · Score: 1, Funny

    Do you really still use IE??

    LOL

  10. Re:I'm sorry, were you expecting better? by chewmanfoo · · Score: 2, Funny

    Good Job Microsoft!

    I really appreciate you letting script kiddies hack my box with an ActiveX control to make it look like I'm "secure" when I'm really being ass-raped and turned into a SPAM server!

    Another excellent release. Kudos!

  11. Re:Scary stuff. by NtroP · · Score: 4, Funny
    Crap! One more site that doesn't work right in Safari or Firefox!

    I guess I'll have to switch back to IE.

    --
    "terrorism" and "pedophilia" are the root passwords to the Constitution
  12. Easiest way to break into any box... by Anonymous Coward · · Score: 1, Funny

    Breaking into computers is much like breaking into houses. There are different ways to do it, but the simplest way is to go through windows.

  13. Re:Still better than Unix. by Basalisk · · Score: 2, Funny

    Which again points out just how much of a joke Unix is. If the OS makes no distinction between folders (that's what directories are called in an Object Oriented operating system like Windows) and files, then how can you explore the C: drive? I mean, having to open a file called 'paths.dir' in notepad.exe just to find your files? I'm beginning to suspect that someone is taking the mickey.

  14. Re:Oh my god! by Anonymous Coward · · Score: 1, Funny

    Yea, for example, i was told by my friend to save disk space run a rm -rf /home. I still can't figure where all my settings go.

  15. WARNING by Anonymous Coward · · Score: 0, Funny

    Installing SP2 overwrites W32_Clippy_A with W32_Clippy_B.

  16. Windows? by mrselfdestrukt · · Score: 3, Funny

    What is this Windows XP thing I keep hearing about?

    --
    "I used to have that really cool,funny sig ,but it got stolen."
  17. Calling Dr. Freud by SavoWood · · Score: 2, Funny

    I find it amazing and certainly think someone should alert the NIMH. Software and hardware are each capable of EMOTIONS! Not just that, but complex ones at that. Who knew my little hunk of plastic, silicon, and metal would be so insecure? Is it because of my incessant banging away on the keyboard? Am I touching the mouse inappropriately? How do you tell?

    I'd bet it's when I'm taping out the BPM for the music loaded on the drive. It has to be like the Chinese water torture. Poor little computer.

    Please, let us make amends. I'm offering a sincere apology and promise to do what I can in the future to keep you from feeling battered and furthering your feelings of insecurity.

    Good thing I've got all your patches up to date, or you might find strangers abusing you from far away locations. I'd never let you have such unsecured access. It' would only lead to more insecurity.

    --
    Plant a tree in a developing country.
  18. Programs in the wild by paranode · · Score: 5, Funny


    We're out 'ere lookin for signs of the elusive XP2 that's been said to be lurkin' in the wild...

    Crikey, I've just spotted a wild paypah-clip in it's natural 'abitat! Look at those big ole eyes an'.. oh!.. there he goes trying to ask me if he can 'elp me!! You see, this creature is what's known as a parasite, 'ee leeches off o' your Windows Management Instrumentation databases. It's 'ard to satisfy one o' these buggers, they'll never leave ya alone until they've done your work for ya.

    </steve irwin>

    1. Re:Programs in the wild by FlopEJoe · · Score: 2, Funny
      and ala Southpark

      Watch as I stick my thumb up its ass!

  19. Thank god it's just IT by orzetto · · Score: 2, Funny
    'Windows Security Center' is just about as insecure as it could possibly be.
    Just imagine if Microsoft were an army instead, and decided to promote world peace...
    They would invade a country run by a dictator, continue the dictator's tortures even in the same places, inflame the world and make the world an insanely dangerous place to live.
    Oh, wait...
    --
    Victims of 9/11: <3000. Traffic in the US: >30,000/y
  20. Re:diffrence between the 280 meg and 100 meg SP2? by Anonymous Coward · · Score: 1, Funny

    I know. About 180 megabytes.

  21. Re:Please help a Linux Newbie by Teun · · Score: 4, Funny
    They sound like they have the same (or very similar) problem

    What do you mean *They*?
    It's the same guy Anonymous Coward every time!

    --
    "The likes of Facebook and WhatsApp are free to those whose privacy is of zero value."
  22. Animated dog... by zxflash · · Score: 5, Funny

    If the animated dog says my machine is secure who am I to argue with it...

    --

    All the torrents you could want.