Language Selection

English French German Italian Portuguese Spanish

M$ admits to Media Center hole

Filed under
Microsoft

Microsoft is developing a patch for a newly discovered security flaw in versions of Windows XP which poses a particular threat to computers running XP Media Center edition.

The flaw is in Windows Remote Desktop Services (RDS) and could allow a hacker to cause a computer to crash repeatedly by sending specially crafted data packets.

"Our investigation has determined that this is limited to a denial of service attack, so an attacker could not use this vulnerability to take complete control of a system," said Microsoft in a security advisory.

The user who discovered the vulnerability, security researcher Tom Ferris (aka 'badpack3t'), claims that he alerted Microsoft to the problem in May. The company told him that a patch would be released on 9 August as part of the usual monthly cycle.

"I have been working with Microsoft to get a patch out for this," said Ferris. "Microsoft told me the patch was going to be released in August. We know it's only a DoS [denial of service attack], which is kind of boring, so this is why we decided to report it to Microsoft."

Full Story.

More in Tux Machines

Leftovers: KDE/Qt

Leftovers: OSS

Security Leftovers

  • DNS server attacks begin using BIND software flaw
    Attackers have started exploiting a flaw in the most widely used software for the DNS (Domain Name System), which translates domain names into IP addresses. Last week, a patch was issued for the denial-of-service flaw, which affects all versions of BIND 9, open-source software originally developed by the University of California at Berkeley in the 1980s.
  • Researchers Create First Firmware Worm That Attacks Macs
    The common wisdom when it comes to PCs and Apple computers is that the latter are much more secure. Particularly when it comes to firmware, people have assumed that Apple systems are locked down in ways that PCs aren’t. It turns out this isn’t true. Two researchers have found that several known vulnerabilities affecting the firmware of all the top PC makers can also hit the firmware of MACs. What’s more, the researchers have designed a proof-of-concept worm for the first time that would allow a firmware attack to spread automatically from MacBook to MacBook, without the need for them to be networked.

Brocade CEO: Transition To Open Source Will Be Difficult For Cisco

Communications CEO Lloyd Carney said traditional vendors like Cisco will have a tough time adapting to a more software-defined, open source space. That's because traditional vendors like Cisco's revenue streams are tied to closed architectures, Carney said. Read more