You are here: silicon.com > Software > Operating Systems

Operating Systems

Russians crack XP SP2 flaw

Microsoft given a month's warning before paper published...

Tags: data execution protection, service pack two, sp2

Printer Friendly Email Story RSS

By Robert Lemos

Published: 31 January 2005 10:10 GMT

A Russian security company claims it found a way to beat a security measure in Microsoft's Windows XP Service Pack 2.

The SP2 measure, known as Data Execution Protection, is intended to prevent would-be attackers from inserting rogue code into a PC's memory and tricking Windows into running the program. However, in a paper published on Friday, Moscow-based Positive Technologies said two minor mistakes in the implementation of the technology allow a knowledgeable programmer to sidestep the protection.

The company notified Microsoft of the problem on 22 December, but it apparently decided not to wait for the software giant to patch the flaws.

Neither Microsoft nor Positive Technologies immediately responded to requests for comment on Friday.

After several delays, Microsoft began rolling out SP2 in August of last year, at which time company chairman Bill Gates called the update "a significant step in delivering on our goal to help customers make their PCs better isolated and more resilient in the face of increasingly sophisticated attacks".

Robert Lemos writes for CNET News.com.

Add Comment Add comment  Printer Friendly Print story with   Email Story Email story  
In
Applications

Operating Systems

SOA/Web Services

Malware

Security Strategy


Reader Comments

Not an security enhancement at all: thanks to anot...
Robert Howe

Click here to see all

Related Links

Microsoft: 'DRM hole? It's not a flaw, but patch it'

Flaws in XP SP2, Mozilla, Konquerer... you name it...

Windows XP SP2 finally hits the shops

Microsoft misses XP SP2 target by 80 million

Microsoft releases patch for XP SP2

Microsoft doubles XP SP2 delay as users clamour for more time

  1. Zones
  2. Management
  3. Networks
  4. Software
  5. IT Services
  6. Hardware
  1. Verticals
  2. Public Sector
  3. Financial Services
  4. Retail & Leisure

for IT White Papers Newsletter

Bob Tarzey Why you must rein in your power users When they do damage, it can be catastrophic to your business

Jon Collins Is losing a mobile device really such a big deal? How to minimise the damage to your business


Outsourcing: CIOs' tips on getting it right

Google's Eric Schmidt on search, Android and all things Wave

Revealed: Your favourite Windows operating system

Maemo and Android: Symbian's open source rivals up the pressure

Open source? No good for cost cutting, say CIOs



  • Jobs
Senior Software Engineer

CompanyMcAfee creates best-of-breed computer security solutions that span large enterprises, governments, small- & medium-sized businesses, & ...

Infrastructure Manager

Our unmatched security expertise, focus on manageability, and proven ability to successfully prevent attacks are the reasons why McAfee is the ...

Technical Support Account Manager - Amsterdam

Maintain efficient and effective communication between customers and the Product Specialists.Responsible for all proactive communications regarding ...

Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.

CEO Dashboard Management: Why Creating Visual Reports You Can't Hide From Will Help...

Virtual Private Servers (VPS)

Looking for a fast payback? 10 Minutes with Free Tool Can Save Thousands

The Truth About Wasteful Spending on Software: How to Stop Giving Your Software Vendors...

Martin Brokers cashes in on back-up swap

VocaLink makes virtualisation pay

Sony Pictures sets sights on best IT Oscar

Co-op Group kicks "server sprawl" into touch

Arts Council gets tech troubleshooting boost

Torex tech treats Thorntons to quicker sales

Stories from the web...


eBay app lets users bid from a BlackBerry

ID card database: 500 names added in first month

Women in IT: Tech has an image problem

Tesco Mobile to get a taste of Apple's iPhone

Marketing chiefs: Are you spamming your customers?

IT skills shortage squashed by recession?




Quick Sitemap Links: