Results 1 to 4 of 4

Thread: XP Fix - XPdite - from GRC.Com

  1. #1
    Banned
    Join Date
    Mar 2002
    Posts
    968

    Arrow XP Fix - XPdite - from GRC.Com

    Hey All,

    My uncle sent me an e-mail with info about this, figured I'd post it here for all the XP users.
    It's from Steve Gibson of GRC.Com (Home Sheild up)

    Attention Windows XP Users

    A Critical Security Vulnerability Exists in Windows XP.

    This vulnerability allows the files contained in any specified directory on your system to be deleted if you click on a specially formed URL. This URL could appear anywhere: sent in malicious eMail, in a chat room, in a newsgroup posting, on a malicious web page, or even executed when your computer merely visits a malicious web page. It is already being exploited on the Internet
    Here's the Link to the program.

    It's not a critical program as they say, since using the XP Service Pack 1 fixes the problem, but the program is there for those who suffer from patch installations (& the horrors with it)

    We have received many horror stories from users who have had their Windows XP systems badly damaged by the installation of Service Pack 1.

    Some users report that one system upgrades without trouble, whereas another is rendered nearly useless. So I want to be clear that I am neither recommending nor advising against the installation of Service Pack 1.

    XPdite will easily and instantly cure the vulnerability it was designed to — without any possible side effect or negative consequences. But as for Service Pack 1 . . . you are on your own.
    So figured to leave this here....

    Hope this helps some...

  2. #2
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    Was this the same vulnerablility that used the Windows Help functions?
    I remember there being posts about that.

    That is pretty cool that grc released a fix for it. Nice find tyger_claw!

    I can attest to the SP1 upgrade problems. Many I haven't had any problems with... but some have gotten completely mucked up. Good thing I keep backup PCs...

    One thing I remember while playing with this vulnerablility... it was a system owned process not a user... so anyone, even if an underprivledged account or even if the guest was logged in could potentially wipe out the system.

    Since it worked from a url, virtually all XP users were at risk... all someone had to do was visit a site and that site could forward them to the malicious code. Bye Bye Windows...

    But then again... perfect oportunity to format and install Linux.... lol

    EDIT: I couldn't find the original post on AO... too many results to go through, but I did find more info about what this fix/patch fixes.

    News Article
    Detailed Info
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  3. #3
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,785
    being as sp1 also fixes, as i unrestand it, some media "copy-right" issues...Steve did us a good turn
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  4. #4
    Senior Member
    Join Date
    Dec 2001
    Posts
    304
    All you have to do to fix it is remove 2 lines of code from the .html file. I guess the program is a good tool if you are unsure how to do this.

    Anyways original post is titled Crazy XP Sploit ......By me euclid shows how to do it there i think if anyone interested
    Violence breeds violence
    we need a world court
    not a republican with his hands covered in oil and military hardware lecturing us on world security!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •