On CBSSports.com: Mike Tyson's daughter dies in accident
BNET Business Network:
BNET
TechRepublic
ZDNet
140 TalkBacks

By Joris Evers
Posted on ZDNet News: Aug 24, 2005 1:45:00 AM

The plug-and-play vulnerability that caused havoc for Windows 2000 users last week also holds a serious risk for some Windows XP users, Microsoft said Tuesday.

Computers running Windows XP with Service Pack 1 in a specific configuration are vulnerable to worm attacks similar to the ones that hit Windows 2000 systems, Microsoft said in a security advisory published Tuesday.

The Zotob worm and its offshoots, plus several other worms, downed Windows 2000 computers, including systems at ABC, CNN and The New York Times. All the worms exploited a security hole in the plug-and-play feature in Windows, for which Microsoft provided a fix earlier this month and rated as "critical" for Windows 2000.

It was previously thought that only Windows 2000 machines were vulnerable to remote attack using the plug-and-play flaw. However, Microsoft in its security advisory on Tuesday specified one scenario that also exposes select Windows XP users.

Also vulnerable are systems that run Windows XP with SP1 with file and printer sharing and the Windows guest user account enabled, according to Microsoft. This would likely be home users, because PCs are not vulnerable if connected to a network domain, which is common in business environments, Microsoft said.

"This is a minor and narrow attack scenario," said Debby Fry Wilson, a director at Microsoft's Security Response Center. "However, because Windows 2000 customers were attacked last week, we wanted to take the extra precaution of offering customers this clarifying information."

The probability that there are many vulnerable systems out there "is very remote," Fry Wilson said. Most consumers have upgraded their Windows XP machines to Service Pack 2, she said. In businesses, where Windows XP SP1 is more common, computers are not vulnerable because they are typically connected to a domain, she said.

Microsoft was made aware of the Windows XP attack possibility by security vendor Symantec, Fry Wilson said. Microsoft urges users to apply the security patches it provided earlier this month. Also, Microsoft is not aware of any attack exploiting the plug-and-play flaw that targets Windows XP.

SponsoredWhite Papers, Webcasts, and Downloads

  • Talkback
  • Most Recent of 140 Talkback(s)
Yeah, but
Most of the home users are less computer literate than you. When I got my new XP machine it came with no guidance on how and why to setup security. I have some training in computers but even I did not... (Read the rest)
Posted by: G Fedorchuk Posted on: 09/03/05 You are currently: a Guest | | Terms of Use
Zotob worm killed an SP2 laptop  PoisonPill | 08/23/05
Infecting an XPSP2 machine remotely possible but not likely  toadlife | 08/23/05
You mean a user might have caused the infection?  Anton Philidor | 08/24/05
XP SP2 infected  PoisonPill | 08/25/05
Zotob worm hole also affects Windows XP  engcons@... | 08/26/05
Nice recovery  G Fedorchuk | 09/03/05
a lot of people...  linuxoverwindows | 08/24/05
Smart ...  gary.douglas@... | 08/24/05
XP does not allow users with null passwords to connect remotely  toadlife | 08/24/05
Weak password?  SWW Ironman | 08/24/05
Why should it be the OEM's reponsibility?  maldain | 08/24/05
rabbit infested pcs  linuxoverwindows | 08/24/05
Responsibility of the end-user?  HiRezL | 08/24/05
Because It's Easy For Them  nikoli | 08/24/05
Last reseller should be a bigger help  Mr_Dave | 08/24/05
Rabbits?  Sheeva | 08/25/05
Too much Monte Python  Smarty_Pantz | 08/26/05
RE: Why should it be the OEM's reponsibility?  nightshade0143 | 08/25/05
Yeah, but  G Fedorchuk | 09/03/05
(nt)See my reply above about null passwords  toadlife | 08/24/05
More details please  52info | 08/24/05
Zotob worm hole also affects Windows XP  Loverock Davidson | 08/23/05
Run of the mill  node357 | 08/23/05
Aww  Loverock Davidson | 08/23/05
Truth?  node357 | 08/23/05
Truth?  Loverock Davidson | 08/24/05
Re: Truth?  Grayson Peddie | 08/24/05
Not only that  Loverock Davidson | 08/24/05
Yeah, the TRUTH until NEXT week.  Judas I. | 08/24/05
you want the truth?  linuxoverwindows | 08/24/05
Ah yes, here's another favorite Jack Nicholson quote:  Judas I. | 08/24/05
"It was previously thought...."  toadlife | 08/24/05
MS  tystoy1 | 08/24/05
MS  Loverock Davidson | 08/24/05
Intelligence ...  gary.douglas@... | 08/24/05
RE:


TalkBack: Reply to message


Re: Intelligence...  Freebro | 08/24/05
Your "version" of the truth...  Physco Dude | 08/24/05
Microsoft cares..............  TotalKayeos | 08/24/05
See this -----> ( _ )=/=o  toadlife | 08/23/05
For your reading pleasure.  toadlife | 08/23/05
I knew it.  Anton Philidor | 08/24/05
LOL  Loverock Davidson | 08/24/05
Message has been deleted.  itanalyst | 08/24/05
Oh come on IT  Loverock Davidson | 08/24/05
(nt)as soon as you take your place in the middle  toadlife | 08/24/05
It isn't funny anymore bathroom humor specialist.  osreinstall | 08/24/05
rant  Tommy Gun | 08/24/05
Yeah, Kind Of Like People Who Speak Out Against Bush  itanalyst | 08/24/05
Get it right. (treason, not terrorism)  Too Old For IT | 08/24/05
First Amendment  jonoakley | 08/24/05
flag waving exercise  waylander | 08/24/05
Which one of these guys would YOU sit next to on the bus:  Judas I. | 08/24/05
You Forgot One  itanalyst | 08/24/05
Context  Dave P. | 08/24/05
Dave P: Speaking of context, you should remember ...  Judas I. | 08/24/05
MS is doing good... Now my flag!  Freebro | 08/24/05
Sorry about the lock...  Freebro | 08/24/05
Don't split yet, Freebro, we're talkin' CONTEXT here.  Judas I. | 08/24/05
Still here.  Freebro | 08/25/05
Good to see you are still here.  Judas I. | 08/25/05
Some agreement... but more is hidden!  Freebro | 08/25/05
Freebro: You have a lot more guts than I have.  Judas I. | 08/26/05
Apparently not  Dave P. | 08/24/05
Huh? How can it be "subversion" when ...  Judas I. | 08/24/05
RE: rant  Linux User 147560 | 08/24/05
2nd  clifflee | 08/24/05
Answer to "-why are you here?"  btljooz | 08/24/05
Really? Who elected YOU folks Swamis of the Posts?  Judas I. | 08/24/05
Actually,  btljooz | 08/24/05
Shucks, you really hurt me, Betelgeuse.  Judas I. | 08/24/05
SHEESH! What's this????  btljooz | 08/24/05
you go to a talkback forum...  linuxoverwindows | 08/24/05
not just anti ms...  linuxoverwindows | 08/24/05
nah, were all extremists  linuxoverwindows | 08/24/05
I agree  martin@... | 08/24/05
Ah! The Logitech Mouse  I am Gorby | 08/24/05
Customer satisfaction...  jasonp@... | 08/24/05
Zotob and XP sp2  DragonBRockin | 08/23/05
thats the old story...  linuxoverwindows | 08/24/05
You should read up on null admin passwords and Windows XP  toadlife | 08/24/05
Simply but worthwhile check for XP SP2 users  Scrat | 08/24/05
So when is GAtes going to get off the dime ...  Too Old For IT | 08/24/05
Switch to Linux  glenngrace@... | 08/24/05
Not Treason nor Terriorism  bettyejmiller | 08/24/05
Message has been deleted.  itanalyst | 08/24/05
sigh  woot! | 08/24/05
Just do a little research, please  mactolinux | 08/24/05
Apples to oranges  woot! | 08/24/05
I wish I could type  woot! | 08/24/05
Sir, I don't s*ck my thumb  mactolinux | 08/24/05
not just corporations  zendancer | 08/26/05
Very true, but the bu$h wak jobs calls it treason  Airwolph | 08/24/05
First Amendment  gypkap@... | 08/24/05
Questions?  btljooz | 08/24/05
Not Treason nor Terriorism  rbsinal | 08/25/05
So.. to be infected with SP2, you must be a user with admin right?  Airwolph | 08/24/05
you dont have to be a user with admin rights...  linuxoverwindows | 08/24/05
worms  alandee4 | 08/24/05
Corp users with SP1 are not affected IF, theres a domain...  educateme@... | 08/24/05
Welcome to the Microsoft Beta Team  jonoakley | 08/24/05
I'm sorry did you say MS has lots of Users, or Losers?  educateme@... | 08/24/05
Cyber-Terrorism  btljooz | 08/24/05
upgrades  1crs | 08/24/05
Hoping against reality  Mr_Dave | 08/24/05
In other news Vista will solve "all" of your  michael_t | 08/24/05
LongShot Now Vista Get While Its HOT HOT HOT  RobertoSalazar | 08/24/05
OUCH!  X Marks The Spot | 08/24/05
Another Worm Ho Hum So What  RobertoSalazar | 08/24/05
Apparently, masochism as a force, is as strong as  michael_t | 08/24/05
How about a warning label?  Otto_Delete | 08/24/05
Weak passwords are better than nothing, really...  The Computer Pimp | 08/24/05
Huh?  toadlife | 08/24/05
Weak passwords are better than nothing, really...  The Computer Pimp | 08/24/05
Read the article again  toadlife | 08/24/05
Weak passwords are better than nothing, really...  The Computer Pimp | 08/25/05
Enabling sharing, enables the guest account  toadlife | 08/26/05
Weak passwords are better than nothing, really...  The Computer Pimp | 08/28/05
killed my 2 networked win xp home and pro  waldoc1@... | 08/24/05
Proper spelling and punctuation  Real World | 08/24/05
RE: killed my 2 networked win xp home and pro  Linux User 147560 | 08/24/05
Don't connect Windows to the internet  Chad_z | 08/24/05
All home users should get a NAT firewall.  osreinstall | 08/24/05
RE: All home users should get a NAT firewall.  Linux User 147560 | 08/24/05
I hope the union steward is not too upset!  osreinstall | 08/24/05
NO! Users need to get  michael_t | 08/24/05
Ping yourself lately  osreinstall | 08/24/05
Gagged.  node357 | 08/24/05
Ooooookay rant  szk-rebel alliance | 08/24/05
Since when do you have to pay to keep your pc secured  bhodges00 | 08/24/05
Paying to keep PC secure  Mr_Dave | 08/24/05
Excuse me.  iwish40 | 08/24/05
RE: Excuse me.  Linux User 147560 | 08/24/05
sorry  ramjet10 | 08/24/05
Zotob worm hole also affects Windows XP  PoisonPill | 08/24/05
Suggestion......  Andromedat6 | 08/24/05
Zotob worm...  X Marks The Spot | 08/24/05
Zotob worm hole...  Michel Hugot | 08/25/05
George Ou not here to defend MS?  IT-sys | 08/25/05
............. Solution!  An_Axe_to_Grind | 08/25/05
linix  pat4him | 08/27/05

What do you think?

advertisement
advertisement

White Papers, Webcasts, and Downloads