[mswindowsxp] XP hole could compromise system

  • From: "Jim Kenzig http://thethin.net" <jimkenz@xxxxxxxxxxxxxx>
  • To: <mswindowsxp@xxxxxxxxxxxxx>
  • Date: Tue, 27 Jan 2004 16:44:10 -0500

 http://www.infoworld.com/article/04/01/27/HNxphole_1.html
XP hole could compromise system
Vulnerability described as 'moderately critical'
  By Kieren  McCarthy, Techworld.com January 27, 2004

 A hole has been discovered in Windows XP Professional and Home Edition that
could compromise a network and be used to get into protected areas.
 Reported by bug-finder 'http-equiv' of Malware.com -- who has found several
critical holes in Microsoft software previously -- the vulnerability has
been described as ?moderately critical," which means you can still get a cup
of tea before you fix it but don?t have a long lunch.

There is a proof of concept available and the official explanation is this:
?It is possible to construct a malicious folder containing both script code
and an executable file. This can be exploited to make Windows Explorer
execute code automatically on a user's system if the user is tricked into
opening the folder.?

Microsoft is not due to post patches for a couple of weeks, so it will be a
possible route in for a while. The trick is not to open unusual folders. But
then that is always the case and everyone still does it.










==================================
To Unsubscribe, set digest or vacation
mode or view archives use the below link.

http://thethin.net/winxplist.cfm

Other related posts:

  • » [mswindowsxp] XP hole could compromise system