SP2 Security Holes

Guest
Archived from groups: microsoft.public.windowsxp.basics

TedK wrote:
> The following site is a write up discussing two security holes found in
> SP2 by German research firm Heise Security:
>
> http://www.internetnews.com/security/article.php/3396761
>
> Any comments from MVPs on this?

Let's look at these one at a time, as two issues are raised here. In
the first, the steps to become at risk are to save a file from the
internet or e-mail attachment. The risk here is that it could be any
type of file, including an image file. Then open a command window and
drag the file to the command window. Then hit enter. At that point the
file would be executed. A fair amount of user interaction is required
here for this exploit to work. There is no known automatic way to carry
out the exploit. While there is some risk, and it mostly comes from the
fact that the command processor (cmd.exe) will execute any file based on
content rather than extension and ignore the zoneid, I don't think most
users will be gullible enough to follow the precise sequence of events
necessary to expose their systems.

In the second, even the Heise site states:

"Exploiting this issue requires the ability to overwrite existing files
which have a trusted or non-existent ZoneID. Right now there is no known
way to achieve this in an attack mounted from the Internet."

They admit right there that this is only a theoretical risk as there is
no known way to pull it off. Someone would already require control of
your machine to pull this off and fool you into executing a file that
you thought was safe. If they already have control of your machine
you've already lost and there is nothing you can do to prevent worse
activity than is described in the article.

Neither one of these issues is new with SP2. I guess the point is that
neither is "patched" by SP2 either. MS has gone a long way with SP2 in
making Windows XP more secure. It isn't perfect, nothing is. People
need to still be wary about any file received from the internet or in
e-mail. Always verify the source no matter how innocent things may appear.
--
Tom Porterfield
MS-MVP MCE
http://support.telop.org

Please post all follow-ups to the newsgroup only.
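
An added example, not part of the original posts: a defender-side check for the condition discussed above, where a saved file carries executable content under a harmless extension and its ZoneID marks it as coming from the Internet. It assumes the standard `Zone.Identifier` stream layout (`[ZoneTransfer]` / `ZoneId=N`) and the `MZ` header of DOS/PE executables; the function names and the sample files are constructed for illustration.

```python
import configparser
from pathlib import Path

# URL security zones as written by Windows into the Zone.Identifier stream.
ZONES = {0: "Local machine", 1: "Local intranet", 2: "Trusted sites",
         3: "Internet", 4: "Restricted sites"}
EXECUTABLE_EXTS = {".exe", ".com", ".scr", ".dll", ".pif"}

def parse_zone_id(stream_text):
    """Return the ZoneId from Zone.Identifier text, or None if missing/invalid."""
    if not stream_text:
        return None
    parser = configparser.ConfigParser()
    try:
        parser.read_string(stream_text)
        return parser.getint("ZoneTransfer", "ZoneId")
    except (configparser.Error, ValueError):
        return None

def read_zone_stream(path):
    """Read the NTFS alternate data stream of a file (works on Windows/NTFS only)."""
    try:
        with open(str(path) + ":Zone.Identifier", "r") as fh:
            return fh.read()
    except OSError:
        return None

def assess(name, head, stream_text):
    """Classify a file from its name, leading bytes and Zone.Identifier text."""
    zone = parse_zone_id(stream_text)
    is_pe = head[:2] == b"MZ"  # executable content regardless of extension
    disguised = is_pe and Path(name).suffix.lower() not in EXECUTABLE_EXTS
    if disguised and zone is not None and zone >= 3:
        verdict = "ALERT"   # executable content, harmless name, untrusted zone
    elif disguised:
        verdict = "WARN"    # executable content, harmless name, no zone mark
    else:
        verdict = "ok"
    return {"name": name, "zone": ZONES.get(zone, "none"), "verdict": verdict}

# Constructed samples: (file name, first bytes, Zone.Identifier text or None).
SAMPLES = [
    ("holiday.gif", b"MZ\x90\x00", "[ZoneTransfer]\nZoneId=3\n"),
    ("photo.gif", b"GIF89a", "[ZoneTransfer]\nZoneId=3\n"),
    ("tool.jpg", b"MZ\x90\x00", None),
]

if __name__ == "__main__":
    for name, head, stream in SAMPLES:
        print(assess(name, head, stream))
```

On a real NTFS volume, pass `read_zone_stream(path)` and the first bytes of each file in the download folder to `assess`.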
 
Guest

My 2 cents - if the user is dumb enough to manually do all the things
described, then he/she doesn't deserve to have a computer - take it away (boy
the gene pool gets more polluted every day).

--

Star Fleet Admiral Q @ your service

*************************************************

"TedK" <user@domain.invalid> wrote in message
news:YdudnY69XNgM3LfcRVn-rA@inreach.com...
> The following site is a write up discussing two security holes found in
> SP2 by German research firm Heise Security:
>
> http://www.internetnews.com/security/article.php/3396761
>
> Any comments from MVPs on this?
 
Guest

Tom Porterfield wrote:
> TedK wrote:
>> The following site is a write up discussing two security holes
>> found in SP2 by German research firm Heise Security:
>>
>> http://www.internetnews.com/security/article.php/3396761
>>
>> Any comments from MVPs on this?
>
> Let's look at these one at a time, as two issues are raised here. In
> the first, the steps to become at risk are to save a file from the
> internet or e-mail attachment. The risk here is that it could be any
> type of file, including an image file. Then open a command window and
> drag the file to the command window. Then hit enter. At that point
> the file would be executed. A fair amount of user interaction is
> required here for this exploit to work. There is no known automatic
> way to carry out the exploit. While there is some risk, and it
> mostly comes from the fact that the command processor (cmd.exe) will
> execute any file based on content rather than extension and ignore
> the zoneid, I don't think most users will be gullible enough to
> follow the precise sequence of events necessary to expose their
> systems.
>
> In the second, even the Heise site states:
>
> "Exploiting this issue requires the ability to overwrite existing
> files which have a trusted or non-existent ZoneID. Right now there is
> no known way to achieve this in an attack mounted from the Internet."
>
> They admit right there that this is only a theoretical risk as there
> is no known way to pull it off. Someone would already require control of
> your machine to pull this off and fool you into executing a file that
> you thought was safe. If they already have control of your machine
> you've already lost and there is nothing you can do to prevent worse
> activity than is described in the article.
>
> Neither one of these issues is new with SP2. I guess the point is
> that neither is "patched" by SP2 either. MS has gone a long way with
> SP2 in making Windows XP more secure. It isn't perfect, nothing is.
> People need to still be wary about any file received from the internet or
> in e-mail. Always verify the source no matter how innocent things may
> appear.


Or, to put it another way, Windows XP wasn't designed for AOHELL users...
;o) <eg>.
--
My great-grandfather was born and raised in Elgin - did he eventually
lose his marbles?
 
Guest

Tom Porterfield wrote:
> TedK wrote:
>
>> The following site is a write up discussing two security holes found
>> in SP2 by German research firm Heise Security:
>>
>> http://www.internetnews.com/security/article.php/3396761
>>
>> Any comments from MVPs on this?
>
>
> Let's look at these one at a time, as two issues are raised here. In
> the first, the steps to become at risk are to save a file from the
> internet or e-mail attachment. The risk here is that it could be any
> type of file, including an image file. Then open a command window and
> drag the file to the command window. Then hit enter. At that point the
> file would be executed. A fair amount of user interaction is required
> here for this exploit to work. There is no known automatic way to carry
> out the exploit. While there is some risk, and it mostly comes from the
> fact that the command processor (cmd.exe) will execute any file based on
> content rather than extension and ignore the zoneid, I don't think most
> users will be gullible enough to follow the precise sequence of events
> necessary to expose their systems.
>
> In the second, even the Heise site states:
>
> "Exploiting this issue requires the ability to overwrite existing files
> which have a trusted or non-existent ZoneID. Right now there is no known
> way to achieve this in an attack mounted from the Internet."
>
> They admit right there that this is only a theoretical risk as there is
> no known way to pull it off. Someone would already require control of
> your machine to pull this off and fool you into executing a file that
> you thought was safe. If they already have control of your machine
> you've already lost and there is nothing you can do to prevent worse
> activity than is described in the article.
>
> Neither one of these issues is new with SP2. I guess the point is that
> neither is "patched" by SP2 either. MS has gone a long way with SP2 in
> making Windows XP more secure. It isn't perfect, nothing is. People
> need to still be wary about any file received from the internet or in
> e-mail. Always verify the source no matter how innocent things may appear.

Very informative. Thanx.