Microsoft Windows XP SP2 sports dangerous security hole

“Windows XP Service Pack 2 promises to raise the security bar for the sometimes beleaguered operating system. Unfortunately, one of the new features could be spoofed so that it reports misleading information about system security, or worse, lets a malicious program watch for an opportunity to do damage without being detected. The feature is the Windows Security Center, which displays the status of the key elements of your defenses: Firewall, Updates, and Antivirus. If your firewall has been disabled, or your antivirus is out of date, that news will display here. The information is stored in an internal database managed by the Windows Management Instrumentation (WMI) subsystem built into Windows,” PC Magazine reports. “Based on an anonymous tip, we looked into the WMI and the Windows Security Center’s use of it, and found that it may not only be a security hole, but a crater.”

Full article here.

MacDailyNews Take: Windows-only users, had enough punishment, yet? If so, information about smoothly adding a secure Mac OS X machine to your computing arsenal can be found here.

47 Comments

  1. Like I’ve been saying for a the longest time, with every “new and updated” version, Windows OS is NOT like a block of traditional Swiss cheese, its becoming a block of Lorraine Swiss cheese which has smaller but far more greater holes.

  2. How in the world Windows users do not fell duped and scammed and robbed by Microsoft. Change the business field – say a toaster – and it is as if you were still buying and repairing the same old toaster, such a good value, only 10$ (but repairs to damages here and there already run in the thousands) and the same salesman keeps you promising that WHEN you will get your first crispy perfectly grilled slice of bread THEN you will fully realize the marvel you have.

    And oh yes, that water leaking, we promise it will be fixed soon. Oh, it fried your entire electrical system at home 5 times? Gosh, they do not build reliable stuff anymore. You should be proud to have at least the perfect toaster.

  3. The fact that this (continues to) be even a news story, and people are interested in it, is absolutely astounding! Were it not for real, this would be totally unbelievable.

    The fact that MS is still even in the business of producing Windows (of any flavor) is only slightly less comical, and amazing, than the fact that there are still human beings using it and [gasp]still buying[/gasp] it.

    zac

  4. To be fair, it is a little bit stupid to report this as a whole new “vulnerablity.”

    Security experts have been saying it for a while now — if malicious code is able to execute with admin priviledges on your machine, you are toast. You can no longer trust ANYTHING on the machine to report truthfully to you.

    WMI is just one attack vector among a zillion. If I am evil code running locally as an admin, I could also, without too much effort, replace your kernel, your file browser, your task manager, your DLLs, your OS X Frameworks, etc. with modified versions that lie to you about what the system is doing.

    Granted, the condition — with admin priviledges — is a little tougher on a good platform like OS X where it’s going to ask even an admin user to authenticate before modifying the system.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.