Holes found in Windows XP update
From the BBC
Reported bugs in SP2 let files find their way onto users' machines
Barely hours after home users started securing their PCs with a key update for Windows XP, security experts have found ways around it.
The SP2 update makes XP less attractive to virus writers and malicious hackers by plugging widely exploited loopholes.
But discoveries by security firms Secunia and German company Heise show that some holes have been left open.
Microsoft said it was investigating one of the new bugs but said no users had been caught out by this loophole.
The bug Microsoft is looking into lets malicious programs hide as images that automatically install and then run when Windows is re-started.
Microsoft only put the SP2 security patch for the Home edition of Windows XP on its auto-update servers this week.
SP2 provides a single place for people to control anti-virus software, firewall and XP updates as well as blocking pop-up ads, some spyware and warning about the dangers of e-mail attachments.
Pop-up ads blocked
Revamped firewall on by default
Outlook Express, Internet Explorer and Windows Messenger warn about attachments
Origins of downloaded files logged
Web graphics in e-mail no longer loaded by default
Some spyware blocked
Users regularly reminded about Windows Updates
Security Centre brings together information about anti-virus, updates and firewall
Protection against buffer over-runs
Windows Messenger Service turned off by default
The update also tweaks XP to make it less vulnerable to the bugs exploited by viruses and other malicious programs.
But security expert Secunia has posted information about a bug in Internet Explorer that could, it says, let a malicious website "plant an arbitrary executable file in a user's start-up folder".
When an infected system is re-booted, the planted program will run.
The bug works on systems patched with SP2.
The loophole, which strikes when files are dragged and dropped from the net on to a local zone, was found by an ethical hacker who goes by the handle of http-equiv.
A demonstration of the bug has been posted on the Malware website.
"Given the significant amount of user action required to execute an attack, Microsoft does not consider this to be a high risk for customers," said Paul Randle, head of all things XP at Microsoft UK.
But he added that Microsoft was investigating to see what action needed to be taken to deal with the bug.
Other problems with SP2 were discovered by German security firm Heise, which published information about two of them.
Heise found that the system SP2 introduces to warn users about the dangers of running untrusted files downloaded from the net can be subverted.
The company found a way to trick Windows into running net-downloaded files without warning users about what was happening.
When Heise asked Microsoft about the bugs, the software giant said it did not think that it needed to produce patches or workarounds to tackle them.
The vulnerabilities discovered are not being exploited in the wild and have only been demonstrated as working in ideal circumstances.
However, Microsoft has produced a so-called hotfix for SP2 to help tackle a problem some people are having with programs that use particular net addresses.