More XP SP2 Vulnerabilities

iago · January 07, 2005, 09:00:55 AM

There's been a lot of ways found to run arbitrary code from remotely in Internet Explorer lately, even with fully patched SP2. This is one of them:
http://secunia.com/advisories/12889/

My point is, stop using IE if you are :)

From Secunia, some stats:

QuoteVendor: Microsoft
Product Affected By: 75 Secunia Advisories

Microsoft Internet Explorer 6 with all vendor patches installed and all vendor workarounds applied, is currently affected by one or more Secunia advisories rated Extremely critical

This is based on the most severe Secunia advisory, which is marked as "Unpatched" in the Secunia database. Go to Unpatched/Patched list below for details.

Currently, 21 out of 75 Secunia advisories, is marked as "Unpatched" in the Secunia database.

Mythix · January 07, 2005, 09:18:33 AM

My point is, most will never change, they're afraid of it, thus they depend on M$ for all of their needs.

Newby · January 07, 2005, 10:37:46 AM

That's sad. SAD.

iago · January 07, 2005, 11:02:15 AM

I hate SP2 soo much. Computers shouldn't even need a personal firewall. All a firewall is is a coverup for lousy programming. If a vulnerability is found in a service, it should be disabled. It's unfortunate that, on Windows, you can't.

iago · January 07, 2005, 12:45:45 PM

Apparnetly the product has 2 nice features:
1. It listens on port 2571 (which I would imagine goes through SP2's firewall, since it's MS)
2. Its icon is a big target

Gee, I wonder what's coming? :)

Stay tuned for the first annual Anti-Spyware Worm!

Mythix · January 07, 2005, 10:07:26 PM

hahaha

I did enjoy the little notifications every 5 minutes.

"YOU ARE NOW ACCESSING NOTEPAD, BE CAUTIOUS, OPEN PORTS WITH NOTEPAD OPEN COULD LEAD TO INTRUDERS!"

Quik · January 07, 2005, 11:58:18 PM

Then, we will have the evil jpg of doom, which will give you a virus just by looking at a jpg file while on Windows.

iago · January 08, 2005, 11:05:07 AM

I'm just waiting for Spyware that uses Microsoft's Anti-Spyware program to propogate. If that happens, I'm going to laugh soooo hard.

rabbit · January 08, 2005, 05:14:19 PM

You should make one, then laugh your ass off. Not a malicious one even, actually, make it like the Polite Virus and have it ask the user if they want to allow the worm to spread around a little :)

Quik · January 08, 2005, 05:17:25 PM

I'm surprised a vulnerability has been finally found where the only immune Windows system is SP2, usually it's the other way around ;)

iago · January 09, 2005, 02:08:59 AM

Quote from: Quik on January 08, 2005, 05:17:25 PM
I'm surprised a vulnerability has been finally found where the only immune Windows system is SP2, usually it's the other way around ;)

There were lots of those. Jpeg vulnerabliity, several IE vulnerabilities, and others. SP2 is doing pretty well, still and has only had a few vulns :)

Clan x86

News:

More XP SP2 Vulnerabilities

iago

Mythix

Newby

iago

iago

Mythix

Quik

iago

rabbit

Quik

iago