Author |
Topic: XP SP2 Security Vuln. (Read 256 times) |
|
Root
New Board Veteran
rm -r *.*
Gender: 
Posts: 229
|
 |
XP SP2 Security Vuln.
« on: Aug 22nd, 2004, 10:40am » |
 Quote  Modify
|
I'm a little late posting this. Sorry folks. Please take the appropriate steps to protect yourself.
http://www.theregister.com/2004/08/20/sp2_scripting_vuln/
|
|
 IP Logged |
In the land of the dark the Ship of the Sun is driven by the Grateful Dead. -- Egyptian Book of the Dead
|
|
|
Opus
New Board Hall of Famer
(Insert witty comment here)
  
 
Gender:
Posts: 2509
|
|
Re: XP SP2 Security Vuln.
« Reply #1 on: Aug 22nd, 2004, 1:16pm » |
Quote Modify
|
I thought this article was very interesting.
Infected in 20 minutes
It tells in the end the best way to setup ( added) "pre" XP users (deleted)
Opus/Paul 
|
| « Last Edit: Aug 22nd, 2004, 3:27pm by Opus » |
IP Logged |
Zed-Zed-nine plural-Zed alpha,
There is no place like home.
|
|
|
Jonny
Guest
|
|
Re: XP SP2 Security Vuln.
« Reply #2 on: Aug 22nd, 2004, 1:51pm » |
Quote Modify
 Remove
|
Hell, Ive lived on the edge my whole life..........Let it ride.....LMAO!!!! 
..........................jonny
|
|
IP Logged |
|
|
|
fubar
CH.com Alumnus
New Board Hall of Famer
Gender:
Posts: 1933
|
|
Re: XP SP2 Security Vuln.
« Reply #3 on: Aug 22nd, 2004, 3:12pm » |
Quote Modify
|
That article in the Register is pure hype and bullshit. AND this exists in windows regardless of whether you have SP2 installed or not. AND there has not been one instance of the particular problem being exploited, yet. In fact, the original article that talks about the vulnerability (from Secunia) says that it is highly unlikely that someone would fall for this since the attacker has to convince the user to actually open a command line window, then drag a file (supposedly an image) to that window so it executes. Jesus. The world is coming to an end folks. 
Windows will always have new problems (so will linux and everybody else). SP2 is not evil.
|
|
IP Logged |
"He who has a why to live for can bear almost any how." -- Friedrich Nietzsche
|
|
|
Opus
New Board Hall of Famer
(Insert witty comment here)
Gender:
Posts: 2509
|
|
Re: XP SP2 Security Vuln.
« Reply #4 on: Aug 22nd, 2004, 4:31pm » |
Quote Modify
|
Root,
It seems your bait caught the wrong fish, or maybe he can't get on the web since his firewall has been turned on. Either way it's been too quiet, I feel the big one coming down the wires.
Opus/Paul
|
| « Last Edit: Aug 22nd, 2004, 4:32pm by Opus » |
IP Logged |
Zed-Zed-nine plural-Zed alpha,
There is no place like home.
|
|
|
Root
New Board Veteran
rm -r *.*
Gender:
Posts: 229
|
|
Re: XP SP2 Security Vuln.
« Reply #5 on: Aug 22nd, 2004, 5:13pm » |
Quote Modify
|
Posted on: Today at 12:12pm
"That article in the Register is pure hype and bullshit. AND this exists in windows regardless of whether you have SP2 installed or not."
So this means it might not be a problem for someone?
" AND there has not been one instance of the particular problem being exploited, yet"
Actually one that I know of.
"In fact, the original article that talks about the vulnerability (from Secunia) says that it is highly unlikely that someone would fall for this since the attacker has to convince the user to actually open a command line window, then drag a file (supposedly an image) to that window so it executes."
Actually I saw nothing about the command line (CLI) in the article. This was:
"Even though this demo depends on the user performing a drag and drop event, it might be rewritten so a user need only perform a single click on an image instead, according to security firm Secunia"
I'm not familiar enough with MS to say for certain, but I don't believe you can drag and drop from the command line in MS. This Vuln. is about IE and ActiveX anyway.
" Jesus. The world is coming to an end folks."
I know its Sunday. But really histrionics are unnecessary. Don't you think?
"Windows will always have new problems (so will linux and everybody else). "
I have to agree with that. I just prefer something a little more userfriendly, secure, stable and scalable then the current MS offerings. YMMV
"SP2 is not evil."
I don't recall ever saying it was. I merely think forewarned is forearmed. No need to get in a dither about it.
Please be well
|
|
IP Logged |
In the land of the dark the Ship of the Sun is driven by the Grateful Dead. -- Egyptian Book of the Dead
|
|
|
fubar
CH.com Alumnus
New Board Hall of Famer
Gender:
Posts: 1933
|
|
Re: XP SP2 Security Vuln.
« Reply #6 on: Aug 22nd, 2004, 6:33pm » |
Quote Modify
|
Dude, I didn't mean to over react... it's just hard to stay quiet when from a security standpoint, the more users that install SP2, the better. Anything that scares them aware from it (unless it's really an issue for the masses) just delays the benefit we will ALL see some getting this installed, even if you're using Linux.
For example... a lot, and I mean a LOT, of home users are infected by various bugs that send us all that wonderful spam or attack sites with denial of service traffic. The level of activity is only made possible by the fact that MOST users don't give a crap about updating their system or making sure it's securely configured. But wait, Windows comes out of the box with a *horrible* configuration... it's the holy grail of platforms sitting there waiting to be infected by whoever wants to nail it. Now, if Windows came out of the box with SP2 installed, we'd still have problems but the ways to attack it have been diminished substantially, ESPECIALLY for users who just want to be casual about using a computer. The way it is now, you can't be just casual about it, but the people are anyway because that's just how it is. They are casual in their selection of OS (majority buys windows...), they are casual in their usage of the internet (hey, that looks cool, click on it) and they don't have the slightest clue (nor should everyone be expected to) about the security implications of connecting a computer to a worldwide network. The net effect is that it degrades the network for all of us. SP2 takes steps in the right direction and every casual computer user should install it ASAP, in my humble opinion.
I think this is a ridiculous edge case that has not affected real users yet. I do know the details of this vulnerability originally posted on BugTraq by Lie Die Yu, and it does require that a user drag an 'image' to a command line window. Whether you've seen it in the wild or in a lab, it doesn't matter to me. The fact is, it's a damn hard vulnerability to exploit, and it only shows something that remains as a problem from pre-SP2. The whole effect, unfortunately, is instead to frighten people away from SP2. Why The Register chose to position this as an SP2-specific exploit is obvious. That part *was* bullshit and media spin on what was actually a useful security advisory from Lie Die Yu. I didn't like seeing it highlighted here because of the unnecessary negative affect it is sure to have on casual users considering installing SP2.
|
|
IP Logged |
"He who has a why to live for can bear almost any how." -- Friedrich Nietzsche
|
|
|
alleyoop
New Board Hall of Famer
Wake me up when it's all over.
Gender:
Posts: 1143
|
|
Re: XP SP2 Security Vuln.
« Reply #7 on: Aug 22nd, 2004, 7:29pm » |
Quote Modify
|
on Aug 22nd, 2004, 6:33pm, fubar wrote:Dude, I didn't mean to over react... it's just hard to stay quiet when from a security standpoint, the more users that install SP2, the better. Anything that scares them aware from it (unless it's really an issue for the masses) just delays the benefit we will ALL see some getting this installed, even if you're using Linux.
For example... a lot, and I mean a LOT, of home users are infected by various bugs that send us all that wonderful spam or attack sites with denial of service traffic. The level of activity is only made possible by the fact that MOST users don't give a crap about updating their system or making sure it's securely configured. But wait, Windows comes out of the box with a *horrible* configuration... it's the holy grail of platforms sitting there waiting to be infected by whoever wants to nail it. Now, if Windows came out of the box with SP2 installed, we'd still have problems but the ways to attack it have been diminished substantially, ESPECIALLY for users who just want to be casual about using a computer. The way it is now, you can't be just casual about it, but the people are anyway because that's just how it is. They are casual in their selection of OS (majority buys windows...), they are casual in their usage of the internet (hey, that looks cool, click on it) and they don't have the slightest clue (nor should everyone be expected to) about the security implications of connecting a computer to a worldwide network. The net effect is that it degrades the network for all of us. SP2 takes steps in the right direction and every casual computer user should install it ASAP, in my humble opinion.
I think this is a ridiculous edge case that has not affected real users yet. I do know the details of this vulnerability originally posted on BugTraq by Lie Die Yu, and it does require that a user drag an 'image' to a command line window. Whether you've seen it in the wild or in a lab, it doesn't matter to me. The fact is, it's a damn hard vulnerability to exploit, and it only shows something that remains as a problem from pre-SP2. The whole effect, unfortunately, is instead to frighten people away from SP2. Why The Register chose to position this as an SP2-specific exploit is obvious. That part *was* bullshit and media spin on what was actually a useful security advisory from Lie Die Yu. I didn't like seeing it highlighted here because of the unnecessary negative affect it is sure to have on casual users considering installing SP2.
|
|
I am NOT taking sides here, but damn good post!
.........................................alley 
|
|
IP Logged |
I know that the Good Lord won't put any more on you than you can stand, but sometimes I wish He weren't quite so PROUD of ME!
|
|
|
Root
New Board Veteran
rm -r *.*
Gender:
Posts: 229
|
|
Re: XP SP2 Security Vuln.
« Reply #8 on: Aug 22nd, 2004, 8:02pm » |
Quote Modify
|
Damn good post. Thank you
|
|
IP Logged |
In the land of the dark the Ship of the Sun is driven by the Grateful Dead. -- Egyptian Book of the Dead
|
|
|
Jonny
Guest
|
|
Re: XP SP2 Security Vuln.
« Reply #9 on: Aug 22nd, 2004, 9:04pm » |
Quote Modify
Remove
|
Day 2....XP-SP2 and doing oh so fine
...................................jonny
|
|
IP Logged |
|
|
|
Root
New Board Veteran
rm -r *.*
Gender:
Posts: 229
|
|
Re: XP SP2 Security Vuln.
« Reply #10 on: Aug 22nd, 2004, 10:13pm » |
Quote Modify
|
jonny: 763 days kernel 2.4-21 on one machine
48 days on kernel 2.6-565 on the other
This server (Conepuppy) CH.com is #4 up 117 days kernel 2.4-21/Apache 1.3.26. Way to go DJ
Smokin 
|
|
IP Logged |
In the land of the dark the Ship of the Sun is driven by the Grateful Dead. -- Egyptian Book of the Dead
|
|
|
suzy617
CH.com Alumnus
New Board Hall of Famer
Love is friendship set on fire
Gender: 
Posts: 1902
|
|
Re: XP SP2 Security Vuln.
« Reply #11 on: Aug 24th, 2004, 6:41pm » |
Quote Modify
|
I installed it this morning and when I went to reboot my pc crashed. Kept going on and off. Tech support could not help me and had to reformat. They said they are hearing alot of problems the same.
Lost everything, cant work....I'm pissed
Suzy
|
|
IP Logged |
When God measures men, He puts the tape around the heart, not the head.
|
|
|
fubar
CH.com Alumnus
New Board Hall of Famer
Gender:
Posts: 1933
|
|
Re: XP SP2 Security Vuln.
« Reply #12 on: Aug 25th, 2004, 2:07am » |
Quote Modify
|
Suzy,
You were bamboozled. A reformat is completely and totally unnecessary. I hope to God you didn't lose data, since it wasn't something that needed to happen. If anything like that happens to someone else, never reformat until you've saved off the data you need. There are a million ways to do that even without windows booting. I'm so sorry you had problems... it's actually quite rare with the real release of SP2 (it did happen with Service Pack 2 release candidate 1 and 2, also called SP2 RC1 or SP2 RC2).
-Shawn
|
|
IP Logged |
"He who has a why to live for can bear almost any how." -- Friedrich Nietzsche
|
|
|
|
|
|
Home
Help
Search
Members
Member Map
Login
Register
Reply
Notify of replies
Send Topic
Print
test rss