January 2nd, 2003, 04:12 PM
XP Fix - XPdite - from GRC.Com
My uncle sent me an e-mail with info about this, figured I'd post it here for all the XP users.
It's from Steve Gibson of GRC.Com (Home Sheild up)
Here's the Link to the program.
Attention Windows XP Users
A Critical Security Vulnerability Exists in Windows XP.
This vulnerability allows the files contained in any specified directory on your system to be deleted if you click on a specially formed URL. This URL could appear anywhere: sent in malicious eMail, in a chat room, in a newsgroup posting, on a malicious web page, or even executed when your computer merely visits a malicious web page. It is already being exploited on the Internet
It's not a critical program as they say, since using the XP Service Pack 1 fixes the problem, but the program is there for those who suffer from patch installations (& the horrors with it)
So figured to leave this here....
We have received many horror stories from users who have had their Windows XP systems badly damaged by the installation of Service Pack 1.
Some users report that one system upgrades without trouble, whereas another is rendered nearly useless. So I want to be clear that I am neither recommending nor advising against the installation of Service Pack 1.
XPdite will easily and instantly cure the vulnerability it was designed to — without any possible side effect or negative consequences. But as for Service Pack 1 . . . you are on your own.
Hope this helps some...
January 2nd, 2003, 05:03 PM
Was this the same vulnerablility that used the Windows Help functions?
I remember there being posts about that.
That is pretty cool that grc released a fix for it. Nice find tyger_claw!
I can attest to the SP1 upgrade problems. Many I haven't had any problems with... but some have gotten completely mucked up. Good thing I keep backup PCs...
One thing I remember while playing with this vulnerablility... it was a system owned process not a user... so anyone, even if an underprivledged account or even if the guest was logged in could potentially wipe out the system.
Since it worked from a url, virtually all XP users were at risk... all someone had to do was visit a site and that site could forward them to the malicious code. Bye Bye Windows...
But then again... perfect oportunity to format and install Linux.... lol
EDIT: I couldn't find the original post on AO... too many results to go through, but I did find more info about what this fix/patch fixes.
is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
January 2nd, 2003, 08:08 PM
being as sp1 also fixes, as i unrestand it, some media "copy-right" issues...Steve did us a good turn
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
January 2nd, 2003, 11:15 PM
All you have to do to fix it is remove 2 lines of code from the .html file. I guess the program is a good tool if you are unsure how to do this.
Anyways original post is titled Crazy XP Sploit ......By me euclid shows how to do it there i think if anyone interested
Violence breeds violence
we need a world court
not a republican with his hands covered in oil and military hardware lecturing us on world security!