Re: what do we make of this........
From: Margles Singleton (MarglesSingleton@firsthealth.com)Date: 09/11/02
- Previous message: Ian Kelly: "Re: Best Practice for Screen Savers"
- Maybe in reply to: Teodorski, Chris: "what do we make of this........"
- Next in thread: Steven Gott: "RE: what do we make of this........"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 11 Sep 2002 13:08:03 -0500 From: "Margles Singleton" <MarglesSingleton@firsthealth.com> To: <security-basics@lists.securityfocus.com>
referenced on Sans.org/newlook/home.php
"XP Service Pack Said to Fix Major Flaw
Source: PC World
Date Written: September 10, 2002
Date Collected: September 10, 2002
Microsoft has released Service Pack 1 (SP1) for Windows XP. The update
contains already-released patches for XP, and modifies the Windows
Product Activation mechanism. The anti-piracy mechanism does not allow
users to install the one copy of the operating system on multiple
machines by checking hardware specifications. A three-day grace period
is now part of the system before the Windows Product Activation
mechanism will lock up the machine, which will help prevent legitimate
users from being locked out if their hardware is changed. Additionally,
SP1 addresses a recently discovered vulnerability that would allow
hackers to delete files on a machine running Windows XP. Some security
experts, however, do not believe that the patch addresses all
vulnerabilities in Internet Explorer 5.5 and 6.0.
http://www.pcworld.com/news/article/0,aid,104810,00.asp
Also -
http://www.computerworld.com/softwaretopics/os/windows/story/0,10801,74104,00.html
Also - http://www.theregister.co.uk/content/55/27048.html "
mas
>>> Frederik <frederik@padjen.de> 09/11/02 10:43AM >>>
Steve Gibson again...
This guy is the prototype FUD-monger.I treat anything coming from
his website with extreme caution.He is giving no information and is
even
trying to justify it....simply forget and obtain your security
information
from more reliable places.
Frederik
Am Mittwoch, 11. September 2002 04:51 schrieb Teodorski, Chris:
> from http://grc.com/default.htm
>
> Attention Windows XP Users
>
> A little-known but critical vulnerability exists in Windows XP.
>
> It has recently been repaired in Service Pack 1.
>
> This vulnerability allows the files contained in any specified
directory on
> your system to be deleted if you click on a specially formed URL.
This URL
> could appear anywhere: sent in malicious eMail, in a chat room, in a
> newsgroup posting, on a malicious web page, or even executed when
your
> computer merely visits a malicious web page. It is likely to be
widely
> exploited soon.
>
> This vulnerability is so dangerous that it would be irresponsible for
me to
> say more. Microsoft has known of this problem for months and has,
> inexplicably, done nothing before now. Although XP's Service Pack 1
is not
> small (approx 30 MB for express installation or 140 MB for the
network
> install), and even though a much quicker and easier solution to this
> problem exists, the only thing I can safely recommend (without
revealing
> too much) is to urge all XP users to somehow obtain and install
Service
> Pack 1 immediately. (If you have a slow Internet connection, perhaps
a
> friend can download the executable Service Pack file and burn it onto
a CD
> for you?)
>
> This problem does not affect any systems other than Windows XP. If
you have
> any friends or co-workers running Windows XP, please urge them to
update
> their systems' too. Once the details of this vulnerability have
leaked
> through other channels I will provide additional information.
- Previous message: Ian Kelly: "Re: Best Practice for Screen Savers"
- Maybe in reply to: Teodorski, Chris: "what do we make of this........"
- Next in thread: Steven Gott: "RE: what do we make of this........"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
