Slashdot Mirror

← Back to Stories (view on slashdot.org)

Windows XP Flaw 'Extremely Serious'

Posted by Zonk on from the escalation dept.

scottott wrote to mention a Washington Post article with the news that the security hole we mentioned on Wednesday has widened. Computers can now be infected just by visiting infected web sites, or looking at images in the preview panel of older versions of Outlook. From the article: "At first, the vulnerability was exploited by just a few dozen Web sites. Programming code embedded in these pages would install a program that warned victims their machines were infested with spyware, then prompted them to pay $40 to remove the supposed pests. Since then, however, hundreds of sites have begun using the flaw to install a broad range of malicious software. SANS has received several reports of attackers blasting out spam e-mails containing links that lead to malicious sites exploiting the new flaw, Ullrich said."

2 of 630 comments (clear)

  1. Gotta love it... by Chmcginn · · Score: 5, Insightful
    From the article:
    Reavey encouraged users to update their anti-virus software, ensure all Windows security patches are installed, avoid visiting unfamiliar Web sites, and refrain from clicking on links that arrive via e-mail or instant message.
    (Emphasis added by me) Three good pieces of advice, and... I mean, seriously, avoid visiting unfamiliar web sites? That's like saying "There's been lots of credit card scams recently, you shouldn't go into any store you haven't been to before."
    --
    Have you been touched by his noodly appendage?
  2. Windows Major Foul-Up by spellraiser · · Score: 5, Insightful
    Larry Seltzer has a concise column about this exploit, where he doesn't exactly pull the punches on Microsoft. The most interesting piece of information there is this:

    The problem with the WMF (Windows Metafile) file format turns out to be one of those careless things Microsoft did years ago with little or no consideration for the security consequences.

    Almost all exploits you read about are buffer overflows of some kind, but not this one. WMF files are allowed to register a callback function, meaning that they are allowed to execute code, and this is what is being exploited in the WMF bug.

    I find this mind-boggling to the point of absurdity. Regardless of any supposed benefit gained by this, allowing a data file to execute arbitrary code upon it being viewed is simply begging for an exploit like this. No matter whan spin Microsoft will try to put on this one, it makes them look bad. Extremely bad.

    --
    I hear there's rumors on the Slashdots