'Um... You know how we said there'd be no more patches? Well there's just this one... And it's quite important... '
By Robert Lemos
Published: 17 December 2004 15:20 GMT
Microsoft released a "critical" fix on Thursday for a security issue left unresolved by the Windows XP Service Pack 2.
Gary Schare, director of product management for Windows, said the configuration change closed a hole in the Windows firewall settings that could open up PCs to attack if the machines had been set to share files or a printer with the local network.
"The changes we made in Service Pack 2 were better than before, but they could be narrowed even further," he said. "We told people [in September] that we would issue a software update and now we have."
The hole could allow anyone to access a PC that has its file sharing exceptions set up in the Windows XP SP2 firewall. The problem affects only those who use dialling software to connect to the Internet, Microsoft indicated in a Knowledge Base article on its website.
Microsoft did not classify the configuration issue as a software vulnerability and so did not distribute the configuration update with the patches it released earlier this week, Schare said. In fact, the security group did not handle the issue; the Windows product group did.
"We didn't do as good a job as we intended getting this out," he said. "This fell between the teeth. The security team said it wasn't a vulnerability, so we don't handle it, and the product people said they are not used to meeting the monthly update schedule."
Windows XP users who use Windows update will automatically download the configuration changes.
Wish i could say i was surprised.......
Anonymous
XP Patch is supposed to make things better right? ...
Barry Haeger
'Patch' implies hole, which in turn implies a lack...
Rich White
My system also became unstable after installing th...
Anonymous
"Fell between the teeth" - that's a new phrase to ...
Anonymous
Firewall would be highly advantageous. MS Exchange/Windows XP Technical Support - Birmingham, West Midlands. My client is looking to add a Technology ...
Your responsibilities will include network deployment, trouble shooting and analysis, Security systems configuration and back-up and recovery of ...
Title: Web Applications Vulnerability Tester / Penetration Tester Salary: market rates but probably 40k to 60k Company: online / ecommerce company ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
Clive Longbottom Windows 7: Not perfect - but ready for prime time Microsoft's latest OS fixes most of Vista's ills - but still has challenges ahead
Stephen Kleynhans Mind the details with Windows 7 Just because it might work better than Vista, it doesn't mean you can be sloppy