|
|
Windows XP SP2 security update bypassed
Jan 31 2005-One of the biggest items in the Windows XP SP2 update was heap protection and the ability to block rogue programs from inserting command strings into memory and tricking Windows into running the programs. Now, code has been published to allow people to do just that. A Russian based technogy firm, called Positive Technologies, has posted examples of the code used to bypass the Windows protection. Is this good for us? Who are they really trying to help?
I agree that these firms a doing a service, but they should wait until Microsoft can issue a patch before posting examples of code to take advantage of these flaws. Are they doing users a service? No, the only people they are helping are themselves. Sure, they posted a program to help block this, but is the average user going to actually, find, run and fix their problems? No, they are not. And should the regular users even use the patch, I think not. I will not post links to their site or to the code, hopefully Microsoft can come up with a patch soon to fix this problem.
Related articles from other news sites:
Report: Major Windows security update foiled A Russian security company claims it found a way to beat a security measure in Microsoft's Windows XP Service Pack 2, a major update aimed at securing customers' PCs.
The SP2 measure, known as Data Execution Protection, is intended to prevent would-be attackers from inserting rogue code into a PC's memory and tricking Windows into running the program. However, in a paper published Friday, Moscow-based Positive Technologies said two minor mistakes in the implementation of the technology allow a knowledgeable programmer to sidestep the protection.
Security Company Pokes Hole in XP SP2 Patch is available, but some experts advise against installing it.
Russian security company Positive Technologies has released a patch to a security hole it said it discovered in Microsoft's Windows XP Service Pack 2 last year.
"We found two small flaws that a programmer could use to go around the SP2 mechanism Data Execution Protection [DEP]," says Positive Technologies Chief Technology Officer Yury Maximov.
As Microsoft explains on its Web site, DEP is a set of hardware and software technologies that perform additional checks on memory to help prevent malicious code from running on a system. According to Maximov, Positive Technologies informed the Redmond, Washington, software maker on December 22 about a problem with DEP and was told to wait for a response from the company.
Flaw finders go their own way To many software makers and security consultants, flaw finder David Aitel is irresponsible.
The 20-something founder of vulnerability assessment company Immunity hunts down security problems in widely used software products. But unlike an increasing number of researchers, he does not share his findings with the makers of the programs he examines.
Last week, Immunity published an advisory highlighting four security holes in Apple Computer's Mac OS X--vulnerabilities that the security company had known about for seven months but had kept to itself and its customers instead of disclosing the problem to Apple.
"I don't believe that anyone has an obligation to do quality control for another company," Aitel said. "If you find out some information, we believe you should be able to use that information as you wish."
Back to Windows XP homepage.
Windows News - Windows XP News - Technology News - Spyware News - Other News |
|
