Advertisement
Promo

Desktop platforms Toolkit in association with http://ad.doubleclick.net/clk;205413468;14699245;m?http://adfarm.mediaplex.com/ad/ck/2397-58840-22058-14

SP2's data execution protection cracked

Published: 31 Jan 2005 09:30 GMT

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

A Russian security company claims it found a way to beat a security measure in Microsoft's Windows XP Service Pack 2.

The SP2 measure, known as Data Execution Protection, is intended to prevent would-be attackers from inserting rogue code into a PC's memory and tricking Windows into running the program. However, in a paper published on Friday, Moscow-based Positive Technologies said two minor mistakes in the implementation of the technology allow a knowledgeable programmer to sidestep the protection.

The company notified Microsoft of the problem on 22 December, but it apparently decided not to wait for the software giant to patch the flaws.

Neither Microsoft nor Positive Technologies immediately responded to requests for comment on Friday.

After several delays, Microsoft began rolling out SP2 in August of last year, at which time company chairman Bill Gates called the update "a significant step in delivering on our goal to help customers make their PCs better isolated and more resilient in the face of increasingly sophisticated attacks."

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Did you find this article useful?
66 out of 134 people found this useful


Talkback

Post a comment


Full Talkback thread

1 comment

  1. Hey, Billy! A lot of bugs and holes in your Window... Russian Windows user

Related Links

More In Desktop platforms



Company/Topic Alerts

Create a new alert from the list below:







Related Jobs

Child Protection Co-Ordinator

Protection Sales - Staffordshire

QSW - Child Protection (E.Yorks)

Video icon

Video

Microsoft Futures Special Report

Ozzie: Success of Azure comes down to trust

Ozzie: Success of Azure comes down to trust

News In an interview, Ray Ozzie says businesses will be taking a risk by placing core operations in Microsoft's datacentre, but that the software giant has more to lose if things go bad

News Microsoft PDC: What to expect

News Microsoft unveils 'Azure' cloud OS

More Special Reports

Desktop Management Benchmarking

Test Your Desktop Management Systems

How good are your company's desktop management solutions? How do they compare with those of your peers?

Take two minutes to complete our new Desktop Management and Energy Consumption benchmark, and find out what issues your business needs to focus on.


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters