You are here: silicon.com > Software > Operating Systems

Operating Systems

Russians crack XP SP2 flaw

Microsoft given a month's warning before paper published...

Tags: data execution protection, service pack two, sp2

Printer Friendly Email Story RSS

By Robert Lemos

Published: 31 January 2005 10:10 GMT

A Russian security company claims it found a way to beat a security measure in Microsoft's Windows XP Service Pack 2.

The SP2 measure, known as Data Execution Protection, is intended to prevent would-be attackers from inserting rogue code into a PC's memory and tricking Windows into running the program. However, in a paper published on Friday, Moscow-based Positive Technologies said two minor mistakes in the implementation of the technology allow a knowledgeable programmer to sidestep the protection.

The company notified Microsoft of the problem on 22 December, but it apparently decided not to wait for the software giant to patch the flaws.

Neither Microsoft nor Positive Technologies immediately responded to requests for comment on Friday.

After several delays, Microsoft began rolling out SP2 in August of last year, at which time company chairman Bill Gates called the update "a significant step in delivering on our goal to help customers make their PCs better isolated and more resilient in the face of increasingly sophisticated attacks".

Robert Lemos writes for CNET News.com.

Add Comment Add comment  Printer Friendly Print story with   Email Story Email story  
In
Applications

Operating Systems

SOA/Web Services

Malware

Security Strategy


Reader Comments

Not an security enhancement at all: thanks to anot...
Robert Howe

Click here to see all

Related Links

Microsoft: 'DRM hole? It's not a flaw, but patch it'

Flaws in XP SP2, Mozilla, Konquerer... you name it...

Windows XP SP2 finally hits the shops

Microsoft misses XP SP2 target by 80 million

Microsoft releases patch for XP SP2

Microsoft doubles XP SP2 delay as users clamour for more time

  1. Zones
  2. Management
  3. Networks
  4. Software
  5. IT Services
  6. Hardware
  1. Verticals
  2. Public Sector
  3. Financial Services
  4. Retail & Leisure

for IT White Papers Newsletter

Clive Longbottom Windows 7: Not perfect - but ready for prime time Microsoft's latest OS fixes most of Vista's ills - but still has challenges ahead

Stephen Kleynhans Mind the details with Windows 7 Just because it might work better than Vista, it doesn't mean you can be sloppy

Revealed: Your favourite Windows operating system

Maemo and Android: Symbian's open source rivals up the pressure

Open source? No good for cost cutting, say CIOs

Apple unveils iMac, MacBook revamp

First critical Windows 7 patches released


  • Jobs
Games Engine Programmer - Surrey

The key objectives within this role are to: o Help further develop, maintain core engine systems o Liaise across different disciplines to identify ...

QA Tester

The company provides software and related services that enables e-businesses from clicks and mortar to pure dot-coms to measure their website ...

Director, Service Support

Highly knowledgeable on latest service management methods (ITIL) and technical trends (ITILv3 certified or equivalent knowledge and expertise). Leads ...

Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.

Is Your Enterprise Architected for Tomorrow's Growth?

Improving IT service delivery through an integrated approach to software asset management...

TechRepublic Resource Guide: Software as a Service (SaaS) for Small and Midsize Businesses...

Top 10 DMVs for Easier SQL Server Monitoring

Martin Brokers cashes in on back-up swap

VocaLink makes virtualisation pay

Sony Pictures sets sights on best IT Oscar

Co-op Group kicks "server sprawl" into touch

Arts Council gets tech troubleshooting boost

Torex tech treats Thorntons to quicker sales

Stories from the web...


Mobiles, internet, email - which tech can't you live without?

'Don't just outsource the problem when you outsource IT'

Oracle-Sun deal draws official objections from EC

Tweets to turn up on LinkedIn thanks to status-sharing deal

Windows 7, Snow Leopard, open source and glory for Steve Jobs

Revealed: Your favourite Windows operating system




Quick Sitemap Links: