Windows XP SP2 Has a Dangerous Hole

By Jay Munro  |  Posted 2004-08-25 Print this article Print

UPDATED: For home users, Windows Security Center in SP2 could actually leave the door open for a damaging system spoof, says

Windows XP Service Pack 2 promises to raise the security bar for the sometimes beleaguered operating system. Unfortunately, one of the new features could be spoofed so that it reports misleading information about system security, or worse, lets a malicious program watch for an opportunity to do damage without being detected. The feature is the Windows Security Center (Figure 1), which displays the status of the key elements of your defenses: firewall, updates and anti-virus. If your firewall has been disabled, or your anti-virus is out of date, that news will display here. The information is stored in an internal database managed by the Windows Management Instrumentation (WMI) subsystem built into Windows.

Based on an anonymous tip, PC Magazine looked into the WMI and the Windows Security Centers use of it, and found that it may not only be a security hole, but a crater.
Read the full article for more about details about how this hole may enable hackers to steal data, infect computers and turn them into zombies. Editors Note: See Microsofts response to this story

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Thanks for your registration, follow us on our social networks to keep up-to-date
Rocket Fuel