Microsoft issues denial-of-service warning for XP

News Analysis

Microsoft issues denial-of-service warning for XP

Microsoft has issued a warning to users about a newly disclosed denial-of-service vulnerability in Windows 2000 Service Pack 4 and Windows XP Service Pack 1.

The advisory, which followed reports about proof-of-concept code that seeks to exploit the flaw, claimed that Microsoft is currently unaware of any attacks that have resulted from the exploit code. The company said, however, that it would be ‘actively monitoring’ the situation to keep customers informed.
It advised companies to ensure that their systems are properly updated and have all recommended patches installed.

According to the advisory, any attacker on Windows XP Service Pack 1 must have valid log-on credentials to try to exploit the vulnerability, which could not be exploited remotely by anonymous users. The vulnerability doesn’t affect users who’ve installed Windows XP Service Pack 2 nor anyone running Windows Server 2003 and Windows Server 2003 Service Pack 1.

Microsoft has been working with security specialists to try and ensure that vulnerabilities are reported directly to the software vendor, and are not disclosed publicly, giving it a chance to fix flaws before details are released. In this case, Microsoft sounds pretty miffed that the process appeared to have broken down. Seems like a case of another security company looking for its day-in-the-sun.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy