
By Joris Evers, News.com
Posted on ZDNet News: Aug 24, 2005 1:45:00 AM

The plug-and-play vulnerability that caused havoc for Windows 2000 users last week also holds a serious risk for some Windows XP users, Microsoft said Tuesday.

Computers running Windows XP with Service Pack 1 in a specific configuration are vulnerable to worm attacks similar to the ones that hit Windows 2000 systems, Microsoft said in a security advisory published Tuesday.

The Zotob worm and its offshoots, plus several other worms, downed Windows 2000 computers, including systems at ABC, CNN and The New York Times. All the worms exploited a security hole in the plug-and-play feature in Windows. Microsoft provided a fix for the hole earlier this month and rated it "critical" for Windows 2000.

It was previously thought that only Windows 2000 machines were vulnerable to remote attack using the plug-and-play flaw. However, Microsoft in its security advisory on Tuesday specified one scenario that also exposes select Windows XP users.

Also vulnerable are systems that run Windows XP with SP1 with file and printer sharing and the Windows guest user account enabled, according to Microsoft. This would likely be home users, because PCs are not vulnerable if connected to a network domain, which is common in business environments, Microsoft said.

"This is a minor and narrow attack scenario," said Debby Fry Wilson, a director at Microsoft's Security Response Center. "However, because Windows 2000 customers were attacked last week, we wanted to take the extra precaution of offering customers this clarifying information."

The probability that there are many vulnerable systems out there "is very remote," Fry Wilson said. Most consumers have upgraded their Windows XP machines to Service Pack 2, she said. In businesses, where Windows XP SP1 is more common, computers are not vulnerable because they are typically connected to a domain, she said.

Microsoft was made aware of the Windows XP attack possibility by security vendor Symantec, Fry Wilson said. Microsoft urges users to apply the security patches it provided earlier this month. Also, Microsoft is not aware of any attack exploiting the plug-and-play flaw that targets Windows XP.

Most recent of 140 Talkback(s):

Yeah, but
Most of the home users are less computer literate than you. When I got my new XP machine it came with no guidance on how and why to set up security. I have some training in computers but even I did not...
Posted by: G Fedorchuk Posted on: 09/03/05