[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [RT]



PureBytes Links

Trading Reference Links

http://grc.com/dos/xpsummary.htm

Gibson was warning about XP as late as August 2001


----- Original Message -----
From: "Mark Jurik" <mark@xxxxxxxxxxxx>
To: "'Omega List'" <Omega-list@xxxxxxxxxx>; "'Realtraders'"
<realtraders@xxxxxxxxxxxxxxx>; "'MetaStock List'"
<metastock@xxxxxxxxxxxxxxxxxx>
Sent: Thursday, December 20, 2001 4:50 PM
Subject: [RT]


> Micrsoft Admits XP Security Flaw
>
> THURSDAY, DECEMBER 20, 2001 5:31 PM - Associated Press
>
> Microsoft Corp. acknowledged several serious flaws Thursday in its newest
version of Windows, billed as the most secure ever, that allow hackers to
steal or destroy a victim's data files across the Internet or implant rogue
computer software. It urged consumers to quickly install a free fix it
offered. A Microsoft official said the risk to consumers was unprecedented
because the glitches allow hackers to seize control of all Windows XP
operating system software without requiring a computer user to do anything
except connect to the Internet.
>
> Microsoft made available on its Web site a free fix for both home and
professional editions of Windows XP and forcefully urged consumers to
install it immediately. The flaws, discovered five weeks ago by independent
security researchers, threatened to undermine widespread adoption of
Microsoft's latest Windows software, which many hope will be an economic
catalyst for the sagging technology industry.
>
> [snip]
>
>  The Windows XP problems affect a little-used feature that eventually will
allow consumers to control high-tech household appliances using their
computers. Called "universal plug and play," the feature is activated by
design in every copy of Windows XP and can be added manually to Microsoft's
earlier Windows ME software, also used by millions of consumers worldwide.
"This is the first network-based, remote compromise that I'm aware of for
Windows desktop systems," said Scott Culp, manager of Microsoft's security
response center. "Every Windows XP user needs to immediately take action."
He called it a "very serious vulnerability."
>
> [snip]
>
> Maiffret and his researchers demonstrated the flaws for The Associated
Press by hacking into a reporter's laptop running Windows XP from 2,300
miles away and successfully instructing the computer to connect
automatically several times to the Web site for the National Security
Agency, the government's super-secret spy agency. Microsoft and Maiffret
said there was no suggestion that anyone has used these flaws to break into
any computers; Maiffret predicted that many hackers will be able to
duplicate his firm's research - and begin breaking into unprotected
computers - "a couple months from now."
>
> eEye's Riley Hassell, also 21, discovered methods for hackers to either
disrupt a victim's Windows XP computer, order it to attack other Internet
users or instruct it to run commands - such as to delete or steal files or
install rogue software. "This is very serious," Maiffret said. Hackers using
these methods "could reformat your hard-drive, record your keystrokes," he
added. Hackers could attack individual computers directly, though the flaws
also allow hackers to transmit an attack to a single Internet address and
strike all the nearby Windows XP computers within a corporation or
neighborhood.
>
> The flaws are particularly embarrassing to Microsoft because their
discovery falls so close to Christmas and because of the company's
commercial emphasis on improved security in Windows XP. The company boasts
as one of 10 reasons for technology experts to buy Windows XP the promise of
a "safe, secure and private computing experience."
>
> [snip]
>
> =============================================
>
> If you have Windows XP, go here for the patch NOW !!!
>
>
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/
bulletin/MS01-059.asp
>
> URL is all on one line, no spaces
>
> =================================================
>
> - mark jurik
>
>
>
> ------------------------ Yahoo! Groups Sponsor ---------------------~-->
> Send FREE Holiday eCards from Yahoo! Greetings.
> http://us.click.yahoo.com/IgTaHA/ZQdDAA/ySSFAA/zMEolB/TM
> ---------------------------------------------------------------------~->
>
> To unsubscribe from this group, send an email to:
> realtraders-unsubscribe@xxxxxxxxxxxxxxx
>
>
>
> Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
>
>