Search

Search for words used in entries on this website

Enter the words[s] to search for here:

Sponsors

Windows XP SP2: Windows Security Center Spoof

Windows XP Service Pack 2 promises to raise the security bar for the sometimes beleaguered operating system. Unfortunately, one of the new features could be spoofed so that it reports misleading information about system security, or worse, lets a malicious program watch for an opportunity to do damage without being detected.

The feature is the Windows Security Center, which displays the status of the key elements of your defenses: Firewall, Updates, and Antivirus. If your firewall has been disabled, or your antivirus is out of date, that news will display here. The information is stored in an internal database managed by the Windows Management Instrumentation (WMI) subsystem built into Windows.

Based on an anonymous tip, we looked into the WMI and the Windows Security Center's use of it, and found that it may not only be a security hole, but a crater. Due to the nature of WMI, it could potentially allow attackers to spoof the state of security on a user's system while accessing data, infecting the system, or turning the PC into a zombie for spam or other purposes.

View: Full Story
Source: PC Magazine via MSFN

When we contacted Microsoft for comment, a spokesperson said that the company was not aware of this issue, but would investigate. Read Microsoft Responds to see what they said.

Name:			Remember personal info? Yes No
Email:
URL:
Comment:		Emoticons / Textile
Before sending a comment, you have to correctly answer a simple question you know the answer to. This is a countermeasure against automated spam bots. What are the first four letters of Techlog?     ( Register your username / Log in )
Notify:		Yes, send me email when someone replies.
Hide email:		Yes, hide my email address.
Small print: All html tags except <b> and <i> will be removed from your comment. You can make links by just typing the url or mail-address.