[mswindowsxp] XP hole could compromise system

  • From: "Jim Kenzig http://thethin.net" <jimkenz@xxxxxxxxxxxxxx>
  • To: <mswindowsxp@xxxxxxxxxxxxx>
  • Date: Tue, 27 Jan 2004 16:44:10 -0500

XP hole could compromise system
Vulnerability described as 'moderately critical'
  By Kieren  McCarthy, Techworld.com January 27, 2004

 A hole has been discovered in Windows XP Professional and Home Edition that
could compromise a network and be used to get into protected areas.
 Reported by bug-finder 'http-equiv' of Malware.com -- who has found several
critical holes in Microsoft software previously -- the vulnerability has
been described as ?moderately critical," which means you can still get a cup
of tea before you fix it but don?t have a long lunch.

There is a proof of concept available and the official explanation is this:
?It is possible to construct a malicious folder containing both script code
and an executable file. This can be exploited to make Windows Explorer
execute code automatically on a user's system if the user is tricked into
opening the folder.?

Microsoft is not due to post patches for a couple of weeks, so it will be a
possible route in for a while. The trick is not to open unusual folders. But
then that is always the case and everyone still does it.

To Unsubscribe, set digest or vacation
mode or view archives use the below link.


Other related posts:

  • » [mswindowsxp] XP hole could compromise system