Thursday, December 20, 2001
Major WinXP Vulnerability -- 2:01 pm CST, Update by A.T. Hun
The Washington Post is reporting on a major vulnerability in Windows XP. The flaw is in the universal plug-n-play code. It will allow someone to take total control of a WinXP box if it is connected to the Internet. Check Windows Update for a fix. If you have WinXP, check Windows Update NOW. Here's a quote from Microsoft:"This is the first network-based, remote compromise that I'm aware of for Windows desktop systems," said Scott Culp, manager of Microsoft's security response center. "Every Windows XP user needs to immediately take action." He called it a "very serious vulnerability."Thanks Slashdot.
The Master comments: Sigh . . .
UPDATE! Ars Technica is reporting that the patch is not on Windows Update yet. You have to get it from Microsoft directly. Apparently it also affects Windows 98 and ME if you have XP's connection sharing installed. This exploit has been known for five weeks but took this long for a fix. They also posted Microsoft's security bulletin.
UPDATE #2! Aaarrgghh! It's a buffer overflow! Aaaarrrgghh. Oh yeah, it could be used to DDOS a site too. Great.
Recent Headlines
January 5, 2015: It Returns!
August 10, 2007: SCO SUCKS IT DOWN!
July 5, 2007: Slackware 12.0 Released
May 20, 2007: PhpBB 3.0 RC 1 Released
February 2, 2007: DOOM3 1.31 Patch
January 27, 2007: Join the World Community Grid
January 17, 2007: Flash Player 9 for Linux
December 30, 2006: Darkness over Daggerford 1.2
December 19, 2006: Pocket Tunes 4.0 Released
December 9, 2006: WRT54G 1.01.1 Firmware OK with Linux/Mac
The Haus is powered by:
All original information on this website is copyright © TheHaus.Net, 1999-2005. The use of original images, text, and/or code from this website without expressed written consent is prohibited. The authors of this site cannot be held responsible for any damage, real or imagined, which comes from the use of information presented on this site. All trademarks used are the properties of their respective owners. This site is not to be used as a floatation device (but if you try, I want a video tape of it).