View Full Version : Major XP secuirity flaw

09-09-2002, 05:53 PM
Major XP security flaw. This is the worst flaw that there is. By just visiting a website, or looking at e-mail, you could lose inportant files. This was kept a secret for 11 weeks. This is a major secruity flaw. If you have Xp you _MUST_ fix this. For info, go to the microsoft homepage. I have already fixed this problem myself.

09-09-2002, 06:21 PM
Were any more details released on how you would loes the important files?

09-09-2002, 06:28 PM
Nope, it's just some simple html code.

09-09-2002, 06:29 PM
Sounds like yet another ActiveX vulnerability...

So glad I dont use Internet Explorer or Outlook

09-09-2002, 06:36 PM
Doesn't need to be either

09-09-2002, 06:43 PM
yes it does :P Netscape won't do it. And hacker community has known about it for much longer then 11 weeks, microsofts a little slow.

09-09-2002, 06:47 PM
Originally posted by Ride -or- Die
yes it does :P Netscape won't do it. And hacker community has known about it for much longer then 11 weeks, microsofts a little slow.

oh so your from the hacker community but you didnt know where to find wingates?

09-09-2002, 07:29 PM
Actually I can remember reading about this quite some time ago on an obscure "security" site. I cant recall which one at the moment. And AFAIK it is only successful with IE and Outlook. I believe this is the 'execute anyway' flaw. No?

09-09-2002, 09:38 PM
This is scarry as hell. I know that some of you still use windows so this is why this is being posted here. If you are using Windows XP check this out. Go to your C:\ drive and place a text file in C:\ called test.txt [make sure lowercase]. Close out of everything and then click on this link It is going to bring up help and support. Once it comes up wait a couple of seconds and then close or minimise it and then go back to your C:\ drive... test.txt is now gone.

This is the scarry part this is what was used to delete test.txt
(line removed to keep the clueless away)if you do this though
Im not going to post the whole thing because if B2 turns it to a link and someone clicks on it they will loose everything in C:\Windows but if you change the c:\test.txt to c:\windows\* Bye Bye everything in C:\windows. Point is you might want to right click and click properties just to see where the link you are clicking on goes to if you are using WinXp.......


much worse than it sounds... your whole windows folder could be gone

i did not include the testing link as i am sure someone here would end up posting it and modifying it and deleting someone's files...

09-10-2002, 12:06 AM
And the next good reason not to use new MS OS's (until the rest of you have compleated the beta testing for MS) is........

09-10-2002, 01:38 AM
Heh. My thoughts exactly, novacain.

Never buy brandnew software. Especially something crucial... like an OS. ;)

09-10-2002, 04:01 AM
1) I didn't say "I'm a hacker. We've known about this." I said the hacker community has. I'm a big security type person and often read up on alot of it as a learning deal, i am by no means practicing the art of hacking.

2) There is only two versions of windows which is effected by this flaw, as they forgot to mention. Windows XP Home Edition and Windows XP Professional. These are the two common versions.

The third version, Windows XP Professional Corporate Edition, is not effected by it. Many of you won't have this version however(this is the version i am using). It is made for very very big corporations such as maybe something like Dell(for the company not distrabution on new pcs). The reason they made this third version is because it has no licenses(its unlimited), the Product key is good for as many installs as you want, so you only need by one cd and install on as many pcs as you want, and there is no "forced" or "required" registration. This version will cost you a hefty 10 grand in US dollars and good luck getting it from them.

So if your as lucky as me to have this third version you need not worry.

09-10-2002, 04:06 AM
Way back when I used to use a Microsoft operating system, the one thing that I didn't like is that the default setup is to run the OS as an administrator. This does not exist in most professional operating systems. Anyone using windows should be logged in as a user and not have privlige to system files. On the other hand since the OS is not designed this way, that might be more pain than it's worth. At any rate, the security is poor, but than that might be their plan.

09-10-2002, 04:18 AM
I dont really care if I lose files like my windows dir becuase i can always just insert my system disks and format :D. I burn all my downloaded/important (ahem) things straight away.

09-10-2002, 04:18 AM
The only stuff I leave on my computer is stuff i'm willing to lose.

09-10-2002, 06:48 PM
Bah, you watch The Screen Savers too?