Next Generation Emulation banner
1 - 2 of 2 Posts

8+ Years
2,800 Posts
Discussion Starter · #1 ·
Microsoft Patches XP

Microsoft went to extreme lengths in order to convince the public that their latest OS was the most secure ever. This week however, they had to issue a patch for Windows XP in order to cover what has been described as, the worst Windows security hole ever.
According to Microsoft all Windows XP users have o apply the patch, while those who use Windows 98, Windows 98 Second Edition and Windows ME should only do so if they have installed the Universal Plug and Play (UPnP) service.
The Universal Plug and Play (UPnP) service allows computers to discover and use network-based devices. Windows ME and XP include native UPnP services; Windows 98 and 98SE do not include a native UPnP service, but one can be installed via the Internet Connection Sharing client that ships with Windows XP.

The problems with the security hole could, potentially, lead to an attacker gaining complete control of a pc running the UPnP service.

To convince you that this is an important patch here is what Scott Culp, manager of Microsoft's Security Response Center said "This is a serious vulnerability. People running Windows XP need to put the patch on right away,".

FBI Warns: XP Still Not Safe

According to a Federal Bureau of Investigations announcement the recently released, security patch for Windows XP is not enough. It is unusual for the National Infrastructure Protection Center, the FBI's relevant department, to go so far as to issue a security warning, it usually leaves computer security warnings to the private sector. FBI officials even held technical discussions with Microsoft and other industry experts, to identify ways to minimize the risk from security holes in Windows XP. The resulting suggestion to consumers and companies from the FBI's NIPC is "install the patch and turn off Universal Plug and Play."

Once again we are confused, Microsoft insists that the patch deals with all the security issues concerned, the FBI says "the patch is not enough.". Considering Microsoft has shipped about 650,000 copies of Windows XP, not including those shipped with new PC's, the problem becomes clear. How many of those copies were bought just because Microsoft said "Win XP is the safest OS ever"?

To find out more about the patch and to download it, follow the link below and to the right.

A lot of the advertising campaign and the controversy, real or manufactured, over Windows XP focused on the OS's anti-theft features.
It has become painfully obvious however, that illegal installation files that bypass registration for WinXP were available within hours of it being for sale.

While everyone assumed that some method would be devised in order to avoid the registration process, no one could have imagined the speed with which these "bypass" files found their way onto the internet, through Far Eastern sites at first, and then on to Warez sites.
Yesterday Malaysian Street Markets offered the latest Windows OS for a mere 1.3 USD. An interesting photograph that proves the speed of the black market in the Far East can be seen in the TaiPei Times. (You can find the link in the download section).

Another interesting feature of the activation files is that they were compiled using publicly available monitoring tools. The simplicity and basic nature of the files, strongly suggest that someone in Redmond greatly underestimated the intelligence of the Cracker comunity.

1 - 2 of 2 Posts
This is an older thread, you may not receive a response, and could be reviving an old thread. Please consider creating a new thread.