Featured Articles

IHS teardown reveals Galaxy S5 BOM

IHS teardown reveals Galaxy S5 BOM

Research firm IHS got hold of Samsung’s new flagship smartphone and took it apart to the last bolt to figure out…

More...
Galaxy S5, HTC One M8 available selling well

Galaxy S5, HTC One M8 available selling well

Samsung’s Galaxy S5 has finally gone on sale and it can be yours for €699, which is quite a lot of…

More...
Intel lists Haswell refresh parts

Intel lists Haswell refresh parts

Intel has added a load of Haswell refresh parts to its official price list and there really aren’t any surprises to…

More...
Respawn confirms Titanfall DLC for May

Respawn confirms Titanfall DLC for May

During his appearance at PAX East panel and confirmed on Twitter, Titanfall developer Respawn confirmed that the first DLC pack for…

More...
KFA2 GTX 780 Ti Hall Of Fame reviewed

KFA2 GTX 780 Ti Hall Of Fame reviewed

KFA2 gained a lot of overclocking experience with the GTX 780 Hall of Fame (HOF), which we had a chance to…

More...
Frontpage Slideshow | Copyright © 2006-2010 orks, a business unit of Nuevvo Webware Ltd.
Wednesday, 07 July 2010 09:09

Windows XP has another fatal flaw

Written by Nick Farell


Secunia warns
Fully patched versions of Windows XP and 2000 have another critical vulnerability, which can be exploited by hackers to launch malicious attacks.

Security firm Secunia reported that the vulnerability, which Secunia rates as "moderately critical" is the result of a boundary error in the "UpdateFrameTitleForDocument()" function of the CFrameWnd class in mfc42.dll. The vulnerability can be exploited to cause a stack-based buffer overflow error, which occurs by passing an overly long title string argument to the vulnerable function.

If exploited, the vulnerability can open the door for hackers to launch remote code execution attacks, aimed at taking control of a user's computer and stealing sensitive data.
The only real way to hack a system is to get a user to download a bit of code using social engineering tricks, but that does not really make it less likely to be a problem. The vulnerability has appeared in fully patched versions of Windows 2000 Professional SP4 and Windows XP SP2/SP3, although other versions may also be affected.

Microsoft has not patched the flaw and not yet issued an advisory warning users about the flaw. However it is getting increasingly tired of having to deal with Windows XP and 2000 flaws. The two operating systems are now ancient and much harder to protect than modern operating systems such as Vista and Windows 7.

Nick Farell

E-mail: This e-mail address is being protected from spambots. You need JavaScript enabled to view it
blog comments powered by Disqus

Comments  

 
+6 #1 estani 2010-07-07 09:46
I think if you hit left-left-up-right you get a fatality... wait!... or was that in mortal combat?...
 
 
-1 #2 BernardP 2010-07-07 11:51
Despite Microsoft's tiredness, I'm staying with XP until I get a new PC, in early 2012.
 
 
+2 #3 pogsnet 2010-07-07 17:42
Another Ad campaign to buy Vista or Win7
 
 
+1 #4 yourma2000 2010-07-07 19:42
Quoting yourma2000:
using Windows 7, I don't care 8)




8)
 
 
+1 #5 ghot 2010-07-07 20:59
It hardly seems credible that after 10 years of Windows XP use...that people are still finding security holes.....more likely....its just more anti XP marketing.
 
 
+1 #6 D31337Antics 2010-07-07 21:46
Quoting pogsnet:
Another Ad campaign to buy Vista or Win7



Does not sound like it, just sounds like Microsoft isnt dropping support of XP like they keep claiming they are going to do lol.
 

To be able to post comments please log-in with Disqus

 

Facebook activity

Latest Commented Articles

Recent Comments