Windows XP SP2 flaw complex but dangerous
Published: 01 Dec 2004 12:55 GMT
Security experts have identified a modified exploit that can target computers running Windows XP SP2.
Although the exploit is tricky to perform, it combines two vulnerabilities in Internet Explorer 6 with a series of ActiveX exploits to break security settings in computers running SP2. It runs when a user moves a file or an image from one part of a Web page to another, but in the process the exploit downloads code to machines that circumnavigates Local Computer security settings in SP2.
Researchers at Danish security company Secunia have labelled the vulnerability as "highly critical" because it allows hackers to access local resources and bypass security features in Windows XP SP2.
"This is the most serious vulnerability for SP2 that we have the moment," said Thomas Kristensen. "The problem is that by exploiting this vulnerability in IE it's possible to drag a file into the local security zone and change the settings. On an SP2 system, this shouldn’t be a problem, but it is still possible to bypass the security with an Active X control."
The company pointed out that Windows XP SP2 does not run Active Scripting in the Local Computer zone, but by performing a series of Active X exploits it is possible to bypass those setting in SP2.
"It's a series of events you have to perform before you are able to bypass security settings," said Kristensen. "It is complicated. But they are several minor issues that can be compromised so it's possible to circumnavigate the security settings."
Kristensen added that SP2 was supposed to tightly lock down the security issues with IE 6, but this was clearly a compromise in it security. He said that the solution was to disable the drag-and-drop or copy-and-paste options on Internet Explorer and set the security level to "high" in the Internet zone.
Did you find this article useful?
53 out of 116 people found this useful
- Share this article:
Full Talkback thread
10 comments
-
There's that word again. ActiveX is mentioned in n... NJ -
ActiveX can be useful (when used appropriatel... Gareth -
No matter how complex a flaw is, someone will do i... Bob
-
I think is sad that you tell the world about a sev... Anonymous
-
If "IE" is for "Intranet Explorer" most of ActiveX... Anonymous
-
Im sick and fuckin tired of havin to download fixe... bill
-
Windows XP Service Pack 1 is far much better than... Dandy
-
With every update, M$ seems to sort one flaw and p... Palm0r
-
Would you buy a car that coughs and splutters ever... Anonymous
-
I am using Windows XP SP2 Ok There is a flaw, how... Pierre Benoist
