Ten SP2 flaws leave XP users open to hackers

Millions at risk from 'silent and remote' attacks, claims security firm

Robert Jaques, vnunet.com 11 Nov 2004

Security researchers claimed today that millions of Microsoft customers are at risk from 10 serious security vulnerabilities uncovered in Windows XP patched with Service Pack 2 (SP2).

By exploiting all the vulnerabilities discovered in SP2 by security firm Finjan, attackers could "silently and remotely" take over an SP2 machine when the user simply browses a web page.

Finjan claimed that hackers could also switch between Internet Explorer security zones to obtain rights of local zone Internet Explorer users.

This could make it possible to elevate the privilege level of mobile code downloaded from the internet, thereby allowing the remote code to read, write and execute files on the user's hard drive.

According to Finjan, hackers could also bypass XP SP2's notification mechanism on the download and execution of .exe files, and therefore download files without any warning or notification.

Finjan's Malicious Code Research Center, which claims to have identified the flaws, has provided Microsoft with full technical details and has been assisting the software giant to patch the holes.

Although it warned users about the alleged flaws, the security firm refused to provide specific details.

"In order to prevent the creation of malicious viruses and worms, Finjan will not release any technical details about these vulnerabilities until they are fully patched by Microsoft," it stated.

Shlomo Touboul, chief executive and founder of Finjan Software, added: "The recently released XP SP2 operating system offers certain security features.

"However, it suffers because it is still basically the same operating system and has some major flaws which compromise end-user security."

See also: