Windows XP SP 2 security problems and holes
Posted: Sep 2, 04, 4:49 techAdmin
Status: Site Admin
Joined: 26 Sep 2003
Location: East Coast, West Coast? I know it's one of them.
Take a quick read of this article before you settle down believing you now have a 'secure' computer, if you downloaded and installed SP 2.
:: Quote ::SP2 did little to improve our system's practical security, leaving too many services and networking components enabled, bungling permissions, leaving IE and OE vulnerable to malicious scripts, and installing a packet filter that lacks a capacity for egress filtering....
The default security settings for Internet Explorer are hardly changed from the risky and confusing ones Microsoft has been urging on users for years. Here's what we found:
ActiveX Controls: run and script functions are enabled by default if the control is "marked as safe". Downloading signed ActiveX Controls is enabled (no prompt), and unsigned ones are disabled (no prompt). Binary and script functions are enabled. This is far too confusing: ActiveX should have a simple on/off toggle, and should be kept off unless needed for something useful like Windows Update.....
No surprises except for all the so called computer professionals who fell for the hype...
:: Quote ::The home user is the one most in need of good security configurations and tools, yet the one least served by SP2. Windows may be easy to use, but it is extremely complicated and difficult to administer, especially for security, with a tremendous number of hidden functions and many complex configuration interfaces. It should be left to the professional admin to enable services and understand their dependencies, not left to the home user to figure out which ones are risky, and which ones can safely be disabled.
thanks to theregister.com for once again reporting on reality, not MS or Sun or Apple news releases.
Back to top
Windows XP service pack 2 also broke or disrupted about 200 common applications. You can get a partial list here. That's the Microsoft website. I've also been seeing some possible other problems with SP 2, a possible break with Kodak easyshare disks, have to check that one more thoroughly though.
Back to top
All times are GMT - 8 Hours