'Um... You know how we said there'd be no more patches? Well there's just this one... And it's quite important... '
By Robert Lemos
Published: 17 December 2004 15:20 GMT
Microsoft released a "critical" fix on Thursday for a security issue left unresolved by the Windows XP Service Pack 2.
Gary Schare, director of product management for Windows, said the configuration change closed a hole in the Windows firewall settings that could open up PCs to attack if the machines had been set to share files or a printer with the local network.
"The changes we made in Service Pack 2 were better than before, but they could be narrowed even further," he said. "We told people [in September] that we would issue a software update and now we have."
The hole could allow anyone to access a PC that has its file sharing exceptions set up in the Windows XP SP2 firewall. The problem affects only those who use dialling software to connect to the Internet, Microsoft indicated in a Knowledge Base article on its website.
Microsoft did not classify the configuration issue as a software vulnerability and so did not distribute the configuration update with the patches it released earlier this week, Schare said. In fact, the security group did not handle the issue; the Windows product group did.
"We didn't do as good a job as we intended getting this out," he said. "This fell between the teeth. The security team said it wasn't a vulnerability, so we don't handle it, and the product people said they are not used to meeting the monthly update schedule."
Windows XP users who use Windows update will automatically download the configuration changes.
Wish i could say i was surprised.......
Anonymous
XP Patch is supposed to make things better right? ...
Barry Haeger
'Patch' implies hole, which in turn implies a lack...
Rich White
My system also became unstable after installing th...
Anonymous
"Fell between the teeth" - that's a new phrase to ...
Anonymous
Conduct regular quarterly and annual audits for all the IT systems Deliver basic IT user best practice guidance, where applicable, to end-users, ...
Track and handle CTS problem management queue? Technical knowledge for troubleshooting problems with:-Work stations with ZENworks for Desktops V7-MS ...
Maintain and monitor Internet traffic (www, ftp), using Proxy Server/Firewall/Tunnel and VPN technologies. Maintain PC and Peripherals, including ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
Bob Tarzey Why you must rein in your power users When they do damage, it can be catastrophic to your business
Jon Collins Is losing a mobile device really such a big deal? How to minimise the damage to your business