http://www.foxnews.com/story/0,2933,41282,00.html
so much for Microsuck and XP security....now where is the patch?
I want to test to see if I have this problem on a few computers on my network, and none of the articles said what port to close. Which port is it?
I haven't really found any open so far.
MS closed -3.6 because of the flaw says CNN
i think this is kinda funny, in a sick way. "rogue software"? hey, i'm gonna install linux on yer box now!
or maybe just set your homepage to a linux mirror....;^D
ain't that some ****?
3 DoS attacks and 1 give away your computer.
spazzmatrix :
it was discovered by eEye, maybe they offer a scanner for it.
the service listens on port 5000
Microsoft issues patch for "serious" XP hole
Click here for details.
Click here for the patch.
Quote:
so much for Microsuck and XP security....now where is the patch?
This is a clip from the above link:
"Microsoft made a really good effort to work with us and get the patch ready in a coordinated way," he said. "Microsoft understands you're never going to be perfect; you have to have a mechanism in place to react to these things quickly and comprehensively when they happen."
Maiffret predicted hackers would develop and release tools to exploit the UPnP vulnerability within a week or two. But he said the buffer overflow flaw was so technically complex that attacks based on it were unlikely to become widespread. "I think the people skilled enough to exploit this will keep the exploit to themselves," he said. (yea right......NOT)
XP just came out and already there are ways to completely compromise the "most secure" OS Microsoft ever made. Microsoft can keep their crap. I'm running something else. No longer will I stand up and question if they have changed their ways.
...I clicked the button twice...sorries. :rolleyes:
Yea...I just heard that in the first three weeks of Windows XP going on sale - an estimated 7 million had already bought it. Now...do you seriously think that all 7 million will d/l the patch? I honestly doubt it. Which means this exploit will be hanging around here for a while...at least that's my assumption.
And besides...that was only the first three weeks...imagine the millions more buying this OS. ...All I can say is...it sucks to be them.
[P.S. - ...I just remembered...It sucks to be me...on my Sony Vaio laptop...I've gotten Windows XP preinstalled....dammit...well... thanks to: tH3#cL3aN3r for making it easier for me. I'm secure...for now at least. I suspect about a few more exploits to be coming out soon, I mean...this is the normal drill for Windows products...isn't it?]
with the advent of windows XP....vulnerabilities are going to start popping up like mad.
Windows XP has increased 6 fold in the default installation size, to roughly 1.5 GB. Consider the number of vulns in NT/2000 and multiply them by 6. That will give you a rough estimate of what to expect, not to mention others that are created by modifying the code from previous versions.
The only reason I am using XP is because I have to support the people that are going to use it.......
I am not surprised that this has happened already, it's common for MS products to be the target of every hacker alive....it's the most widely used SW around. Every PC ships with MS on it. Every new PC will now ship with XP, and we all know that Microsoft isn't going anywhere soon. You can however choose not to use their products.
If you choose to use it, brace yourselves for multiple Service Packs and the mess of patches in between the SPs......and let's not forget the .NET server versions that are on their way....
It says that ME is vulnerable to this type of attack too. I'm glad that I'm migrating to OpenBSD !!!! :D
and how can people like us take advantage of this flaw?
Tedob1 - Good point on the port 5000. I scanned my box two weeks ago and that port came up as open with a "?" where the name of the service should be. I just shut down the port along with a few others that I didn't need.
Which brings me to a good point...if you're going to be a "smart" user, know what your OS does and how to lock it down. Just my 2 cents though.......
-The Eeshman
You know you can put a Linksys router in front of the machine and only map the ports you actually need......
I'm probably gonna get flamed for this, but here it goes anyway. How do you scan/close ports on your computer?
ac1dsp3ctrum:
I use a scanner called SuperScan (Windows) and NMAP (Linux). When you scan yourself use the 127.0.0.1 or whatever IP you have assigned to you by your ISP/Broadband provider. When you scan, try to scan all 65,535 ports to see what is listening on your computer and close those ports that are not necessary to be open. You can do this by manually disabling the service or placing a block on a personal firewall. I used the latter method as my firewall is ALWAYS up. Just block all incoming TCP/UDP packets with a destination port of 5000 (or whatever the port in question is) and make this rule always valid. This way nothing can connect to the vulnerable port, thus protecting your system to a degree. I say "to a degree" because someone will always find a way to exploit whatever security measures are out there...just give it some time. At any rate, I hope this helps you out. By the way, both scanners mentioned above are available for free on the net, so with a little searching you should be able to find them.
The Eeshman
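Added example, not part of any post in this thread: a self-audit in the spirit of the advice above, which connects to TCP ports on the loopback address and reports any listener that is not on an allowlist, such as the port 5000 service mentioned earlier. The function names and the `EXPECTED` allowlist are assumptions made for illustration; the check covers TCP only.

```python
import socket
from concurrent.futures import ThreadPoolExecutor


def is_listening(port, host="127.0.0.1", timeout=0.3):
    """Return True if a TCP connection to host:port is accepted."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        # connect_ex returns 0 on success and an errno value otherwise
        return s.connect_ex((host, port)) == 0


def unexpected_listeners(ports, expected, host="127.0.0.1", workers=64):
    """Return the ports that accept TCP connections but are not in `expected`."""
    ports = list(ports)
    with ThreadPoolExecutor(max_workers=workers) as pool:
        states = list(pool.map(lambda p: is_listening(p, host), ports))
    return sorted(p for p, up in zip(ports, states) if up and p not in expected)


if __name__ == "__main__":
    # Constructed allowlist: services you deliberately run on this machine.
    EXPECTED = {80}
    found = unexpected_listeners(range(1, 65536), EXPECTED)
    for port in found:
        note = "  <- the port named in this thread" if port == 5000 else ""
        print(f"TCP {port} is listening but is not on the allowlist{note}")
    if not found:
        print("No unexpected TCP listeners on loopback")
```

A loopback scan does not see UDP services or services bound only to the external address, so repeat the check against the machine's assigned IP as the post suggests.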
I thought that all of XP was a flaw. ;)
Nah, XP is a step in the right direction for Miro$oft. And thank you for the help eeshman :)
Quote:
I'm probably gonna get flamed for this, but here it goes anyway. How do you scan/close ports on your computer?
There are plenty of port scanners around, and just about all of them will scan ports. Some faster, some slower. So unless you have a need for a super fast scanner that will do four or five different types of scans in stealth mode, on 20 different networks at the same time, while whistling songs from the grand opre, just get a free one with a nice interface. I use ultrascan, kinda slow, not too many features, but it's free and I already have it.
In the NT type operating systems, you do have the option to only allow certain ports to connect on an interface. In dial-up and network connections, right click on the device you're using, choose properties, double-click tcp/ip then select advanced, then filtering.
I'm on a 98 box right now so this, I believe, will take you in the right direction.
If you're running a 9x mach., you can only do it with a FW.
see...no flames