Microsoft plays down SP2 security glitches.Glitches between Windows XP The previous client version of Windows. XP was a major upgrade to the client version of Windows 2000 with numerous changes to the user interface. XP improved support for gaming, digital photography, instant messaging, wireless networking and sharing connections to the Internet. Service Pack 2 (SP2) and critical applications continue to emerge, with McAfee admitting its flagship VirusScan product prior to version 7.1 requires a customised patch to be operational with Windows ' Security Center, part of SP2. McAfce also said its enterprise Desktop Firewall product requires a patch before it can function with Windows Security Center The Windows Security Center is a component included with Microsoft's Windows XP (as of Service Pack 2) and Windows Vista operating systems that provides users with the ability to view the status of computer security settings and services. . Since it was released, activists have been searching for weaknesses in Microsoft's security--focused service pack. Microsoft has already dismissed claims by German researchers that they had found a flaw. Now a group has claimed malicious code could bypass the new security procedures in XP by using the drag- and-drop features of Internet Explorer Internet Explorer has been designed to view the broadest range of web pages without major problems. During the heydays of the historic browser wars, Internet Explorer embraced Netscape by supporting many of the progressive features of the time. . Consultant Secunia said researcher http-equiv has demonstrated that "the vulnerability is caused due to insufficient validation of drag-and-drop events issued from the internet zone to local resources". For example, this can be exploited by a malicious web site to plant an arbitrary executable file See executable code. in a users startup folder A Windows folder that contains pointers to applications (shortcuts) that are launched when Windows is started. See Win Startup folder. , which will be executed the next time Windows starts up. But Microsoft believes hackers looking to exploit this would have to rely on help from users. "Given the significant amount of user action required to execute an attack, Microsoft does not consider this to be a high risk for customers," the firm said in a statement. "Microsoft is not aware of any customer impact at this time. However, it will continue to investigate the issue to determine the appropriate course of action to protect its customers." Alex Tatham, vice-president global software at Microsoft distributor Bell Microproducts, played down the glitches being touted about SP2. "it is a good upgrade. We have not come across any issues. I believe people are just experiencing normal teething teething /teeth·ing/ (teth´ing) the entire process resulting in eruption of the teeth. teeth·ing n. The eruption or cutting of the teeth. problems," he said. www.vnunet.com |
|
||||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion