| ActiveMac | Anonymous | Create a User | Reviews | News | Forums | Advertise |
|
|
|
User Controls |
|
New User |
|
Login |
|
Edit/View My Profile |
|
|
|
|
|
|
|
ActiveMac |
|
Articles |
|
Forums |
|
Links |
|
News |
|
News Search |
|
Reviews |
|
|
|
|
|
|
|
News Centers |
|
Windows/Microsoft |
|
DVD |
|
ActiveHardware |
|
Xbox |
|
MaINTosh |
|
News Search |
|
|
|
|
|
|
|
ANet Chats |
|
The Lobby |
|
Special Events Room |
|
Developer's Lounge |
|
XBox Chat |
|
|
|
|
|
|
|
FAQ's |
|
Windows 98/98 SE |
|
Windows 2000 |
|
Windows Me |
|
Windows "Whistler" XP |
|
Windows CE |
|
Internet Explorer 6 |
|
Internet Explorer 5 |
|
Xbox |
|
DirectX |
|
DVD's |
|
|
|
|
|
|
|
TopTechTips |
|
Registry Tips |
|
Windows 95/98 |
|
Windows 2000 |
|
Internet Explorer 4 |
|
Internet Explorer 5 |
|
Windows NT Tips |
|
Program Tips |
|
Easter Eggs |
|
Hardware |
|
DVD |
|
|
|
|
|
|
|
Latest Reviews |
|
Applications |
|
Microsoft Windows XP Professional |
|
Norton SystemWorks 2002 |
|
|
|
Hardware |
|
Intel Personal Audio Player 3000 |
|
Microsoft Wireless IntelliMouse Explorer |
|
|
|
|
|
|
|
Site News/Info |
|
About This Site |
|
Affiliates |
|
ANet Forums |
|
Contact Us |
|
Default Home Page |
|
Link To Us |
|
Links |
|
Member Pages |
|
Site Search |
|
Awards |
|
|
|
|
|
|
|
Credits |
 |
Windows XP Security Patch: Buffer Overrun in Windows Kernel Message Handling Could Lead to Elevated Privileges | |
|
||
| Time: 04:13 EST/09:13 GMT | News Source: ActiveWin.com | Posted By: Robert Stein | ||
|
A security issue has been identified that could allow an attacker to compromise a computer running Microsoft® Windows® XP and gain complete control over it. An attacker would need the ability to log onto the computer locally to carry out an attack. You can help protect your computer by installing this update from Microsoft. | ||
|
Write Comment
Return to News |
Displaying 1 through 25 of 331 Last | Next |
The time now is
1:19:12 PM
ET.
Any comment problems? E-mail us |
| #1 By 6859 (204.71.100.243) at 5/30/2003 9:07:43 AM |
| Isn't this the SAME patch that buggered some computers not too long ago? All I know is that last time I installed this patch it took 10-15 seconds for any program to launch--that doesn't inspire me to attempt to reinstall this patch unless they fixed that. Anyone try it yet? |
| #2 By 8589 (65.71.67.73) at 5/30/2003 9:34:49 AM |
| This patch not needed if you are the only one that uses your computer, or if you use your computer at home and can trust the wife and kids. LOL |
| #3 By 2332 (216.41.45.78) at 5/30/2003 12:08:31 PM |
|
#3 - Not true. While the "attacker" must log on locally, all this means is that the exploit must be run as a locally logged on user.
This means that even if the account is running as a lower privledged user (like Guest, or "Mom", or "Sister", or whatever), it can still take over the machine. *Everybody* should apply this patch. |
| #4 By 7826 (65.205.133.2) at 5/30/2003 5:18:22 PM |
|
#4,
What #3 means is that the attacker needs physical access to the machine. As long as you trust your family members, you really don't need the update. If a hacker actually break into your home, you have more serious stuff to worry. |
| #5 By 8589 (67.65.86.252) at 5/30/2003 5:32:24 PM |
| #5, BINGO. |
| #6 By 6859 (204.71.100.243) at 5/30/2003 5:48:19 PM |
| Well, since I trust the wife, I installed it. So far, no problems.... |
| #7 By 2332 (65.221.182.2) at 5/30/2003 8:21:37 PM |
|
#5 / #6 - You're both wrong.
The only thing required for the attack to succeed is that the CODE run locally. This can happen either by a bad guy logging into your machine at you desk (presumably breaking into your house in the process), OR by your wife, brother, sister, uncle, etc running code of malicous origin. Normally, if the account used to run the code has low privs, like the accounts you would normally give your family members, no harm can be done by it. Or, rather, no harm to the system in general can be done. With this vulnerability, harm can be done REGARDLESS of the privledges of the account that was used to execute it. It's not a question of trusting your wife. It's a question of trusting her to never be a victim of clicking the wrong button on a web page, opening a file attachment to an e-mail, etc. History shows that, in general, your trust would be misplaced. |
| #8 By 7826 (68.100.63.48) at 5/30/2003 9:28:38 PM |
|
Again, that's the trust problem. First, each of my family member has their own PC. Secondly, they only run code I give to them. Thirdly, educate them not to click on those untrusted emails and the like. So far, history tells I don't need to worry about it. We do get emails containing virus from time to time. But never once anyone clicked on them. This post was edited by Foxbat on Friday, May 30, 2003 at 21:32. |
| #9 By 2332 (65.221.182.2) at 5/31/2003 3:35:22 AM |
|
#9 - Then your family is likely in the minority, because viruses have a funny way of spreading, and if everybody's family was like yours, they wouldn't.
Let me say it again. Everybody should apply this patch. |
| #10 By 931 (67.35.84.28) at 5/31/2003 4:27:10 AM |
|
everyone should wait 48 hours and apply the patch.. hehe case there are cavates to be found like most recent ms patches.
..save the flames. |
|
Write Comment
Return to News |
Displaying 1 through 25 of 331 Last | Next |
The time now is
1:19:12 PM
ET.
Any comment problems? E-mail us |
