XP2 Spotted In The Wild

michael posted more than 9 years ago | from the watch-out-or-it'll-chew-you-up dept.

Microsoft 634

LostCluster writes "WinXP SP2 has just been released to the public via Automatic Update, but eWeek and PC Magazine are together reporting that Windows XP SP2's 'Windows Security Center' is just about as insecure as it could possibly be. According to them, any program (including ActiveX controls) can access and edit the Windows Management Instrumentation database, and therefore spoof the security status of an insecure box to report that it is properly secured."

634 comments

Clippy.exe is eeevvviiilll (5, Funny)

Anonymous Coward | more than 9 years ago | (#10077585)

any program can access and edit the Windows Management Instrumentation database

That MF'ing Clippy.exe in MS Word better stop accessing my Instrumentation database or I'll punch that SOB into the middle of next week. Really any program can access and edit the Windows Management Instrumentation database; I knew solitrae and tetris and an altier motive.

Re:Clippy.exe is eeevvviiilll (-1, Offtopic)

AKAImBatman (238306) | more than 9 years ago | (#10077673)

Q: You know the only thing more vile and evil than Clippy?

A: The IT color scheme on Slashdot.

Re:Clippy.exe is eeevvviiilll (-1, Flamebait)

Anonymous Coward | more than 9 years ago | (#10077714)

>...an altier motive.

it's "ulterior", you retarded fuck.

Please help a Linux Newbie (-1, Troll)

Anonymous Coward | more than 9 years ago | (#10077587)

I don't want to start a holy war here, but what is the deal with you Linux fanatics? I've been sitting here at my freelance gig in front of a Mac running Linux (a 8600/300 w/64 Megs of RAM) for about 20 minutes now while it attempts to copy a 17 Meg file from one folder on the hard drive to another folder. 20 minutes. At home, on my Pentium Pro 200 running NT 4, which by all standards should be a lot slower than this Mac, the same operation would take about 2 minutes. If that.

In addition, during this file transfer, Netscape will not work. And everything else has ground to a halt. Even BBEdit Lite is straining to keep up as I type this.

I won't bore you with the laundry list of other problems that I've encountered while working on various Mac running Linux, but suffice it to say there have been many, not the least of which is I've never seen a Mac running Linux that has run faster than its Wintel counterpart, despite the Macs' faster chip architecture. My 486/66 with 8 megs of ram runs faster than this 300 mhz machine at times. From a productivity standpoint, I don't get how people can claim that the Macintosh is a superior machine.

Linux addicts, flame me if you'd like, but I'd rather hear some intelligent reasons why anyone would choose to use linux over other faster, cheaper, more stable systems.

Re:Please help a Linux Newbie (0)

Anonymous Coward | more than 9 years ago | (#10077777)

Ever heard of google?

No problem here! (5, Funny)

GroovBird (209391) | more than 9 years ago | (#10077588)

My box says it's insecure! So therefore, I can't possibly have some spoofing ActiveX control thingie, can I?

Re:No problem here! (2, Informative)

joxeanpiti (789529) | more than 9 years ago | (#10077782)

My box says it's insecure! So therefore, I can't possibly have some spoofing ActiveX control thingie, can I?

Then your system is properly configured, everything is correct.

fp (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#10077589)

fp!

Re:fp (0)

Anonymous Coward | more than 9 years ago | (#10077844)

looks like you almost got it

http://www.freedesktoppc.com/default.aspx?referer=8353205

Leopard? (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#10077592)

XP2 Spotted In The Wild

Sounds like some sort of leopard in the jungle, if you ask me.

Re:Leopard? (0)

Anonymous Coward | more than 9 years ago | (#10077662)

Made it sound like a disease to me.

Re:Leopard? (5, Funny)

lucabrasi999 (585141) | more than 9 years ago | (#10077698)

Sounds like some sort of leopard in the jungle, if you ask me.

Cue Marlin Perkins (of the old Mutual of Omaha Wild Kingdom [museum.tv] shows):

MP: "Today, we are going to find and capture the elusive XP2 Leopard. My associate, Jim, is armed with a toe-nail clipper and a badminton racquet. Jim, why don't you start marching down that trail over there? I'll be back at the truck with the cameraman and a bottle of scotch."

SP2 - as secure as any linux distro... (5, Funny)

BobRooney (602821) | more than 9 years ago | (#10077593)

if every user were root.

Re:SP2 - as secure as any linux distro... (4, Insightful)

Red Alastor (742410) | more than 9 years ago | (#10077686)

And all running the same distro. And all running Internet Explorer with crossover. ;-)

Re:SP2 - as secure as any linux distro... (0)

rokzy (687636) | more than 9 years ago | (#10077816)

that's bullshit and you know it.

have a look at the "dragging a scroll bar can be used to install and auto-run arbitrary programs" example below.

Saw it coming. (-1)

Anonymous Coward | more than 9 years ago | (#10077596)

...who didn't?!

Can someone answer this question? (3, Insightful)

forgotten_my_nick (802929) | more than 9 years ago | (#10077598)

I was told it was rolled out today (SP2), so can someone explain why my XP machines wanted to install the SP2 patch a few days ago?

Re:Can someone answer this question? (5, Informative)

hardreset (775806) | more than 9 years ago | (#10077672)

Microsoft released SP2 in a staggered fashion. First to MSDN subscribers, OEMs, Enterprise customers, etc. Second, SP2 was unleashed to XP Home Edition via Windows Update. Today, they're finally allowing XP Pro users to get the patch. It was intended to allow corporate customers the ability to disable the update to their clients.

Wasn't the release of XP2 supposed to... (0)

rokzy (687636) | more than 9 years ago | (#10077602)

...bring about the demise of the internet, according to Kaspersky or whatever that Russian company said? ...

Can you hear me now?

Re:Wasn't the release of XP2 supposed to... (1)

niteice (793961) | more than 9 years ago | (#10077747)

Seeing as Windows has ~94% of the desktop OS market, yes, the Internet would have gone down if M$ allowed everybody to get SP2 at once.

Re:Wasn't the release of XP2 supposed to... (0)

Anonymous Coward | more than 9 years ago | (#10077765)

Or maybe Bill Gates just saved the world in the nick of time by getting SP2 out?

this is surprising? (1, Insightful)

suezz (804747) | more than 9 years ago | (#10077604)

why does this surprise anybody - I am sure glad I don't do windows anymore - I can get on with a lot more important things and my computers just work - don't have to defrag, virus update, or worse yet os update from microsoft. now if my dsl provider can just get more reliable life would be great.

Re:this is surprising? (5, Insightful)

Errtu76 (776778) | more than 9 years ago | (#10077734)

Right. I can only assume you're using Linux now, and I apologize if I'm wrong. So you probably never have to: upgrade your kernel, upgrade applications or do an fsck. If this is the reason why you abandoned windows, it's a silly one. As far as I know, only consoles (Nintendo, PS1/2 & Co.) don't require updates. Everything else does.

Re:this is surprising? (2, Informative)

LilMikey (615759) | more than 9 years ago | (#10077830)

I guess that depends on what you mean by "have to". An out of the box Fedora Core 2 system will work and play just nicely with your email, office, internet, graphics, video, etc. An OOB Windows XP install will only last 20 minutes [slashdot.org] once connected to the internet.

I'm sorry, were you expecting better? (2, Insightful)

Anonymous Coward | more than 9 years ago | (#10077609)

Fact: You cannot bolt on security to something after the fact-- it has to be designed in from the ground up, or it's worthless.

Exhibit A: Windows.

Bill can announce a new security initiative every day from now until Doomsday, and it won't mean a damn thing unless they scrap Windows completely and start over. Period.

Re:I'm sorry, were you expecting better? (2, Interesting)

ccharles (799761) | more than 9 years ago | (#10077717)

I could be wrong, but aren't they already starting from the ground up with Longhorn?

Re:I'm sorry, were you expecting better? (2, Insightful)

Serapth (643581) | more than 9 years ago | (#10077741)

UM... have you taken a look at the size of SP2 yet? I used the MSDN install about a week back, and it was 400 megs in size. That's as big or bigger than the initial install of XP.

They aren't bolting it on to XP, they are essentially rolling out Windows XP version 2. So far I haven't had too many issues with the service pack, which is amazing considering how much it does. Frankly, I don't think Linux could come close to releasing a patch of this magnitude with as little side effects. Microsoft should truly be applauded for their recent actions... although, granted this is slashdot... ain't gonna happen.

Re:I'm sorry, were you expecting better? (2, Funny)

chewmanfoo (569535) | more than 9 years ago | (#10077827)

Good Job Microsoft!

I really appreciate you letting script kiddies hack my box with an ActiveX control to make it look like I'm "secure" when I'm really being ass-raped and turned into a SPAM server!

Another excellent release. Kudos!

Re:I'm sorry, were you expecting better? (0)

Anonymous Coward | more than 9 years ago | (#10077831)

Frankly, I don't think Linux could come close to releasing a patch of this magnitude
Linux is an operating system. It doesn't release patches, you stupid fucking moron.

Re:I'm sorry, were you expecting better? (4, Informative)

Hungry Student (799493) | more than 9 years ago | (#10077838)

That's because you got the network admin version, which has every little bit for every possible system so that admins can customise it for the systems running on their networks. The version designed for single computers is between 50 and 80MB according to how well patched your pc is to start off with. You're right that they're, effectively, rolling out XPv2, but your reasoning's off.

Re:I'm sorry, were you expecting better? (5, Informative)

Vann_v2 (213760) | more than 9 years ago | (#10077842)

That's the network install, which includes every update since XP was released plus code to figure out what version of Windows you're actually running. If you download it from Windows Update it does all that before-hand and only sends you the stuff you need, which makes for a much smaller download.

wel... (-1, Troll)

Anonymous Coward | more than 9 years ago | (#10077612)

well....they tried....

Leave it to microsoft (5, Interesting)

Nos. (179609) | more than 9 years ago | (#10077617)

To build in a security overview system and leave it wide open so that it's easy to fake the current status of things like your firewall and anti-virus.

Re:Leave it to microsoft (1)

LaCosaNostradamus (630659) | more than 9 years ago | (#10077683)

That's OK ... it'll be just another patch. The customers are the real software testers of Microsoft, so this is business as usual.

Internet Meltdown Predicted for Today (5, Funny)

Cocodude (693069) | more than 9 years ago | (#10077618)

So this is what the Internet Meltdown Predicted for Tomorrow [slashdot.org] article was referring to!

Re:Internet Meltdown Predicted for Today (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#10077671)

Two Aircraft crash at same time [reuters.com] in Russia yesterday. The black boxes were disabled so an organized plot is suspected. This may have something to do with the alarms.

Re:Internet Meltdown Predicted for Today (2, Interesting)

funkdid (780888) | more than 9 years ago | (#10077708)

hahahaha

You know what I got from the article was:

It will now be easy for people/code to exploit a new vulnerability in Windows allowing (insert favorite action taken after an exploit is found HERE).

Umm, I saw this coming, I mean it's 10am where I am right now and I haven't heard about today's exploit yet.

In all seriousness Joe Computer needs to stop trusting Microsoft to do everything in his computer. Their idea of shouting "HEY STUPID get an anti-virus program" isn't a bad idea. The implementation was, but the idea isn't. From what I've read SP2 is a slight improvement security wise, so for Joe User all security updates are worth installing. (Joe User just normally doesn't ever run Windows Update. Think of the last time some relative called you with a computer problem!

"You: Did you try doing the 'Windows Update'?" - Relative: "Where's that?" -I rest my case.)

I'd rather the 14 million drone machines out there in the wild had XP2, than not.

That's ok (5, Funny)

Bricklets (703061) | more than 9 years ago | (#10077621)

According to them, any program (including ActiveX controls) can access and edit the Windows Management Instrumentation database, and therefore spoof the security status of an insecure box to report that it is properly secured."

That's ok. MS probably wants it to be easy to use so that everyone can use it. ;)

Re:That's ok (1)

random_culchie (759439) | more than 9 years ago | (#10077743)

That's exactly it.
Check out microsoft's response [pcmag.com] to the PC World article.
IMHO the threat is exaggerated. The malicious program would already have to have bypassed the security features to interfere with the security panel.

Pseudo Problem. (5, Insightful)

vi (editor) (791442) | more than 9 years ago | (#10077625)

If a boxen is 0wned then we can safely assume that the 0wner/w0rm has root access. And with root access it can do anything anyway.
This is like complaining that one can shut down your computer by removing the power plug.

Re:Pseudo Problem. (1)

sigaar (733777) | more than 9 years ago | (#10077722)

For real, but I don't believe that's the point. The concern now is that MS did all these great things to the security and in the process broke a bunch of applications, all in the name of extra security. And as it turns out it's no better than it was, it just makes you think it is.

Actually, no... (2, Interesting)

Svartalf (2997) | more than 9 years ago | (#10077723)

They're claiming that it's much more secure than Unix/Linux with this service patch. In terms of being 0wned, it's hard to totally cover your tracks in a Unix box- you leave a trail of breadcrumbs somewhere that typically can be seen (most tools simply automate the process...). In the case of an SP2 XP box, it's apparently rather easy to cover one's tracks and you have to rely on signature scanning (i.e. Virus/Trojan scanning...) to hope you can find the intruder.

I don't consider that to be a non-problem, nor do I consider it to be more secure. It's definitely not secure enough to be allowed exposure to critical infrastructure of any kind.

Re:Actually, no... (1, Interesting)

Pxtl (151020) | more than 9 years ago | (#10077772)

The reason they say it's safer is because they took advantage of the new processor features that allow you to mark a block of memory as "non-executable" thus stopping buffer overrun 'sploits and similar problems. Linux doesn't have this feature.

The catch is this: most of the modern windows 'sploits aren't buffer overruns into non-executable memory, they're just malware using the MS application tools like ActiveX.

So, it is probably true that the Microsoft kernel is more secure than the Linux kernel. The respective operating systems, viewed from a holistic perspective, may not be.

Scary stuff. (5, Interesting)

sploo22 (748838) | more than 9 years ago | (#10077630)

Step 1: Go to http://www.mikx.de/scrollbar/ [www.mikx.de]
Step 2: Drag the scrollbar down a bit and let go
Step 3: Start -> Programs -> Startup

That's just spooky.

Re:Scary stuff. (0)

Anonymous Coward | more than 9 years ago | (#10077682)

Step 4: Profit!!

Re:Scary stuff. (2, Funny)

iainl (136759) | more than 9 years ago | (#10077693)

Cool! Now I can justify buying a replacement mouse on the grounds that a working wheel is a "Security Feature".

Re:Scary stuff. (0)

Anonymous Coward | more than 9 years ago | (#10077697)

Not so scary if you run FireFox...

Re:Scary stuff. (2, Interesting)

alphax45 (675119) | more than 9 years ago | (#10077705)

Doesn't appear to work correctly with Mozilla... but that could also be zone alarm stopping it.

Re:Scary stuff. (5, Informative)

spellraiser (764337) | more than 9 years ago | (#10077737)

You forgot ...

Step 0: Open IE

Couldn't even drag the scrollbar in Firefox :-/

Then I opened IE and tried it - jackpot. Nice little booom.exe in my startup folder. I have SP2 installed. Good grief.

Doesn't work for me... (1)

Anaphiel (712680) | more than 9 years ago | (#10077770)

... and I'm pretty sure this is the most recent version of Safari available.

Oh, wait...

MOD PARENT UP (0)

Anonymous Coward | more than 9 years ago | (#10077795)

OH MY GOD.

that's so pathetic I think part of my brain just exploded.

Re:Scary stuff. (4, Funny)

NtroP (649992) | more than 9 years ago | (#10077850)

Crap! One more site that doesn't work right in Safari or Firefox!

I guess I'll have to switch back to IE.

Incorrectly report, but change? (4, Interesting)

iainl (136759) | more than 9 years ago | (#10077631)

I'm seeing reports all over the shop that it's easy to spoof the security centre into claiming that (for example) the firewall is turned on when it isn't.

What I've yet to see is any indication that it's possible to actually do the turning off of things, which would be rather more serious.

As it is, surely the only problem is if you forget that you turned something off? I've no big plans to make my box insecure now I've done configuring it on installation.

Re:Incorrectly report, but change? (1)

Red Alastor (742410) | more than 9 years ago | (#10077763)

The article said that viruses or similar threats could wait for you to turn security off to attack, then cripple them while they are off and let you think after that they work normally.

Lots of people will turn off security for short periods. Like when an installation program tells them to turn off every running program.

Close it anyway MSFT or stop the default Admins! (5, Insightful)

garcia (6573) | more than 9 years ago | (#10077635)

To spoof the Windows Security Center WMI would require system-level access to a PC. If the user downloads and runs an application that would allow for spoofing of Windows Security Center, they have already opened the door for the hacker to do what they want. In addition, if malware is already on the system, it does not need to monitor WSC to determine a vulnerable point of attack, it can simply shut down any firewall or AV service then attack - no WSC is necessary."

Sadly just about everyone runs shit as Administrator (it is the default mode for XP Home installs) to make life easier and as MSFT has noted they are opening themselves up to the attacks... For those that will mention that Linux is so much better remember that these are the same people that wouldn't like to have to change to root (sudo, su, login, whatever) to install anything and would be opening themselves up to the same vulnerability level as if they had been running Windows.

Basically the problem was in design... They should not have had an open API controlling the "WSC" and thus malware would not be able to detect the presence of the programs' status from a single location. The real problem is that MSFT isn't admitting that it is a serious problem and needs to be changed on a different level... Saying that malware writers are going to use the direct route and disable the firewall/AV outright, while true, doesn't get them off the hook for creating this hole that is more difficult even for a more advanced user to notice.
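
The design point raised in this thread, as an added example that is not part of any commenter's post or of Microsoft's code: a status store that products write and a dashboard reads should be cross-checked against independently observed state. The record fields, product names, service names and inventory below are constructed for illustration and are not the real WMI schema.

```python
from dataclasses import dataclass

# Protection categories the dashboard is expected to report on.
REQUIRED_KINDS = ("antivirus", "firewall")


@dataclass(frozen=True)
class StatusRecord:
    """One self-reported entry in the status store (hypothetical fields)."""
    product: str   # display name the record was registered under
    kind: str      # "antivirus" or "firewall"
    enabled: bool  # what the record claims, not what was observed


def dashboard_view(records):
    """What a dashboard shows if it trusts the store: kind -> protected?"""
    return {
        kind: any(r.kind == kind and r.enabled for r in records)
        for kind in REQUIRED_KINDS
    }


def audit(records, inventory, running_services):
    """Cross-check each claim against state observed outside the store.

    inventory:        product name -> service that must be running for the
                      product to be doing its job (maintained by the operator)
    running_services: set of service names actually observed running
    Returns a list of (subject, finding) tuples; empty means consistent.
    """
    findings = []
    verified_kinds = set()
    for rec in records:
        service = inventory.get(rec.product)
        if service is None:
            # Anything able to write the store can register a record.
            findings.append((rec.product, "record for a product not in the inventory"))
        elif rec.enabled and service not in running_services:
            # The case discussed in the thread: the status says "on"
            # while the protection itself is off.
            findings.append((rec.product, "claims enabled but its service is not running"))
        elif rec.enabled:
            verified_kinds.add(rec.kind)
    for kind in REQUIRED_KINDS:
        if kind not in verified_kinds:
            findings.append((kind, "no independently verified product"))
    return findings


# Constructed sample data: every record claims "enabled".
SAMPLE_RECORDS = [
    StatusRecord("ExampleFW", "firewall", True),
    StatusRecord("ExampleAV", "antivirus", True),
    StatusRecord("UnlistedAV", "antivirus", True),
]
SAMPLE_INVENTORY = {"ExampleFW": "examplefw_svc", "ExampleAV": "exampleav_svc"}
SAMPLE_RUNNING = {"exampleav_svc", "spooler"}  # firewall service is not running

if __name__ == "__main__":
    print("dashboard:", dashboard_view(SAMPLE_RECORDS))
    for subject, finding in audit(SAMPLE_RECORDS, SAMPLE_INVENTORY, SAMPLE_RUNNING):
        print(f"FINDING {subject}: {finding}")
```

The check is only as good as the independence of the observation: if whatever can write the records can also alter the service list the auditor sees, the two will agree again.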

Re:Close it anyway MSFT or stop the default Admins (2, Informative)

drinkypoo (153816) | more than 9 years ago | (#10077699)

Administrator is the default context for XP Pro, too, if you create users at install time. I run as administrator, but I use Firefox to browse everything but windows update, and I have Norton installed and auto-updating itself every day. Hence I am operating in an insecure fashion, but with little risk.

(Watch me get owned tomorrow or something, but nonetheless, I stand by my statements.)

On Linux I do typically do everything as me, and sudo when I can, but some programs don't work right when you sudo, they need a full root environment. On windows, using run as often doesn't work right because spawned programs revert to your user context (though not always? I'm not sure what's going on there), and many processes spawn new processes to do their dirty work. Even a lot of installs work this way, unfortunately.

Re:Close it anyway MSFT or stop the default Admins (1)

garcia (6573) | more than 9 years ago | (#10077745)

On Linux I do typically do everything as me, and sudo when I can, but some programs don't work right when you sudo, they need a full root environment.

You have a clue about the importance of doing so. Windows users don't give a fuck about the importance of anything except ease of use. All they want to do is click, download, install, and run. They would prefer to skip all steps except run if they could...

If that means running everything as "super user" then that's what it needs to be. Remember these are the people that use the same passwords for their home, work, ATM, websites, email, and garage door codes.

Re:Close it anyway MSFT or stop the default Admins (5, Interesting)

grasshoppa (657393) | more than 9 years ago | (#10077721)

There is one subtle difference between linux and window admins: There is a lot of window software that is written to be run as administrator. Finding all the files to give permissions to causes quite a headache.

Linux, I feel, has a better system at the moment. However, as this is the developers' fault, I see no reason why linux would be immune from this problem.

UA String any different? (4, Interesting)

Anonymous Coward | more than 9 years ago | (#10077644)

Is there a way to distinguish Windows XP with SP2 from older versions through the User Agent String?

You would think.. (1)

JustNiz (692889) | more than 9 years ago | (#10077658)

That after all the fuss about security, microsoft would get it right, especially in the face of obviously superior security in Linux.

I can't believe that they lack the expertise or resources, which only leaves the will to do it, which sounds like a bad conspiracy theory.

Does anyone know why they would persist with allowing XP to be insecure on purpose?

Oh my god! (3, Insightful)

dave420 (699308) | more than 9 years ago | (#10077661)

You mean it's possible to edit configuration scripts from within the operating system? Oh no!

Seriously, this is just more scaremongering. The WMI system has to be accessed locally, and their examples of how this could be circumvented are pretty silly. ActiveX apps on a web page won't run unless you specifically tell them to. The only other ways are via a downloaded application. It boils down to "you have to do something on your computer that lets a malicious application run". How is that any different from any other operating system in the world? Even as a non-root linux user you can fuck up a system by running a malicious script... I don't get it.

Am I missing something?

Re:Oh my god! (2, Insightful)

$rtbl_this (584653) | more than 9 years ago | (#10077748)

Even as a non-root linux user you can fuck up a system by running a malicious script...

I'm intrigued. While I've only given it a few minutes' thought, I haven't managed to come up with a way that an unprivileged Linux user can hose an entire system (well, outside of their own data) with a malicious script. Could you let me know what I'm missing here? Thanks.

Re:Oh my god! (1)

dave420 (699308) | more than 9 years ago | (#10077781)

I know I've done it in the past. I'd give you specific examples but I've not done it recently. There is a way... dare you find it? ;)

Anybody? Anybody? (0, Redundant)

avisdream (770669) | more than 9 years ago | (#10077663)

I installed SP2 last night, and when I booted my PC this morning, Windows would not load. Not even in safe mode. Just hangs at the startup screen.

Thanks a lot, Bill. I couldn't have asked for a more appropriate birthday present from you.

Much ado about MS bashing (-1, Redundant)

Anonymous Coward | more than 9 years ago | (#10077666)

The one mitigating factor that we found is that to change the WMI, and spoof the Security Center, the script has to be running in Administrator mode.

No real surprise (4, Insightful)

Arclite (471674) | more than 9 years ago | (#10077669)

Let's be honest. Did anyone really expect SP2 to not need a slew of new patches after release?

Personally, I'm just glad that it doesn't bomb randomly after install. Yet.

Still better than Unix. (0, Troll)

Basalisk (215292) | more than 9 years ago | (#10077670)

At least Microsoft makes an attempt to identify non-secure PCs, while Unix security goes no further than 'read-only' flags on files (and only files, directories are by default read/write, so anybody can delete your files.)

Not working for me (1)

G27 Radio (78394) | more than 9 years ago | (#10077678)

Auto-update notified me of the patch yesterday on my workstation. I accepted it to check it out, but it never downloaded.

Today I got the notification on my notebook and decided to try the same thing on that one as well. Same thing--the update box goes away but nothing appears to download.

It's not that big of a deal, but I do want to get it installed on at least one of my machines to see if it would break anything.

Re:Not working for me (1)

iainl (136759) | more than 9 years ago | (#10077746)

SP2 is available from Windows Update now - I downloaded it from the site last night and installed it ok (after making a System Restore point first). If you want to give it a whirl, I'd suggest just going there.

Need root? (5, Insightful)

randyest (589159) | more than 9 years ago | (#10077679)

No, most users don't need to be root most of the time. Yet:

While we are not aware of any malware exploiting this, we think it will only be a matter of time. The one mitigating factor that we found is that to change the WMI, and spoof the Security Center, the script has to be running in Administrator mode. If executed in Windows XP's Limited Mode, it will give an error, and not allow changes. Unfortunately, most home users who will be at risk, run in the default administrator mode.

How can we convince people not to run admin mode? It's easy at work, in UNIX land (most people don't get to know root pw.) But most Windows users I know don't even know the difference.

Every windows security problem I know of can be solved, or at least significantly mitigated, by users not running root.

Re:Need root? (0)

Anonymous Coward | more than 9 years ago | (#10077774)

People won't stop with the root-running until some of the major programs no longer require that you run in root.
IIRC some games (Unreal?), some AVs and some business software still require root.

Re:Need root? (1)

lpangelrob2 (721920) | more than 9 years ago | (#10077779)

How can we convince people not to run admin mode?

Something as simple as making the first account not root, shuffling away Administrator Mode into the "Advanced..." section of setup, and even showing the fire-engine red background and menubars with a "WARNING: You are in administrator mode. Only proceed if you're an advanced user..." would do.

That would show Windows users the difference. Now if only all the people that make Windows apps could allow them to be installed in limited mode...

Re:Need root? (0)

Anonymous Coward | more than 9 years ago | (#10077780)

in theory you are correct, but I suspect you haven't tried this much in XP (it was worse in 2000). Many applications are not set-up properly to be installed by the Admin but run by a powerless user. For example, lack of permission to write to a log file created by the Admin during install/set-up. Games have this problem too, which means...your kids must play under Admin privs.

Yes, you can manually go and correct all these things but it's easier to have one machine you acknowledge is insecure and have a second machine for finances etc.

Re:Need root? (2, Insightful)

MobyDisk (75490) | more than 9 years ago | (#10077821)

How can we convince people not to run admin mode?
Two steps are required:
1) Make apps that work without admin mode. Most stuff on the shelf today still doesn't. I have yet to see a game that does.
2) Make apps that need admin access prompt you for it. - *nix has done this for a long long time.

But neither of these things will happen until the mentality changes. The mentality won't change until the apps are there. I've tried to get users to do it when possible, but then they go download some spyware app that makes a jiggly peanut dance across the screen (or some such nonsense), and it needs admin rights, so they would rather lose all security and pay me $100 later on to fix their system, than to stop downloading the pointless spyware.

just put your facts in the right order (1)

rozz (766975) | more than 9 years ago | (#10077685)

http://www.pcmag.com/article2/0,1759,1639277,00.asp

and you were expecting what??? (2, Insightful)

stonebeat.org (562495) | more than 9 years ago | (#10077695)


Windows XP SP2's 'Windows Security Center' is just about as insecure as it could possibly be.

and you were expecting what???

Remember Windows Management Instrumentation requires administrator credentials. If you have admin privileges on any box, you can do much harm, regardless of the Operating System.

I installed it last night (5, Informative)

mrgreenfur (685860) | more than 9 years ago | (#10077701)

I noticed it was up last night so I installed it.

It's 94.50 mb which takes a while to download. Upon installation and restart the new windows security center pops up and tries to get you to turn on your firewall, automatic updates and antivirus software. By default if any of these are off, there's an obnoxious red shield in the system tray. Turning off alerts for these makes it go away.

Otherwise there doesn't seem to be any major changes.

So far nothing's borked.

Re:I installed it last night (1)

Tim C (15259) | more than 9 years ago | (#10077834)

It's hardly obnoxious (although that's subjective, I guess), and (presumably) you can elect to hide it, like any other "status notification icon", if for whatever reason you want to ignore the warning.

The new XP SP2 insecure (-1, Flamebait)

joxeanpiti (789529) | more than 9 years ago | (#10077709)

Almost nothing in Perl serves a single purpose.

Almost nothing in XP is secure.

Windows XP SP2's 'Windows Security Center' is just about as insecure as it could possibly be.

Microsoft Software is just about as insecure as it could possibly be.

Send in the Rovers (5, Funny)

MikeMacK (788889) | more than 9 years ago | (#10077712)

Based on an anonymous tip, PC Magazine looked into the WMI and the Windows Security Center's use of it, and found that it may not only be a security hole, but a crater.

Maybe MS could get NASA to send a few rovers in there to see what they can find out.

I don't think anything can be done. (5, Interesting)

London Bus (803556) | more than 9 years ago | (#10077725)

To make Windows secure, that is. I know lately that Microsoft-bashing has gone from being the in thing to being "trolling", but it's true. Just because it's become less fashionable to say so doesn't change the fact. I don't understand how Windows users can continue to use these machines. I live in a relatively remote area of Japan, and yet somehow within 4 minutes after hooking up my brand-spanking new machine to the Internet, I started getting Code Red connection attempts and repeated assaults on various four-digit ports. I guess they don't respect geographic boundaries either. By the way, this all happened while I was downloading XP2/SP2. It's not going to help when we don't even have time to install it before getting our machines "owned".

I've always criticised Linux users for being sloppy and the like, but the operating system itself is at least rock solid. It rarely crashes, it has a decent windowing system, and I don't see advisories for it on Bugtraq every 8 hours. Windows is easy to install, but it's all too easy for someone else to compromise. Ease of use is nice, but I think I'll take peace of mind with GNOME on Fedora Core.

Worse than no protection at all... (1, Insightful)

Anonymous Coward | more than 9 years ago | (#10077731)

According to them, any program (including ActiveX controls) can access and edit the Windows Management Instrumentation database, and therefore spoof the security status of an insecure box to report that it is properly secured.

A protection scheme that reports that it is secure while actually being totally insecure is worse than no protection at all. A lot of people will use ZoneAlarm or whatever and their own virus scanner, but if too many people believe their machines are secured, this SP may have the opposite of its intended effect: *more* unsecured PCs attached to the Net than before. MS should stick with their old policy of not introducing new features in service packs, just bundling bug fixes and security patches together.

Hardly Surprising (-1, Troll)

oldgeezer1954 (706420) | more than 9 years ago | (#10077736)

It's hardly surprising that Microsoft still doesn't get it. The hard question is will they ever get it. I suspect as long as the snake oil salesmen trio of Gates, Ballmer, and Allchin are around the answer is a loud no. Whether it's greed or incompetence these so called leaders are a dead loss to the computing industry. They do great in the financial industry but monopoly control probably covers a multitude of sins in that area.

Running as admin? (5, Insightful)

W2k (540424) | more than 9 years ago | (#10077753)

According to them, any program (including ActiveX controls) can access and edit the Windows Management Instrumentation database, and therefore spoof the security status of an insecure box to report that it is properly secured.
Um .. you sure that's not supposed to be any program that's already running as admin on the box in question? Sorry, but if I was a malicious app running as admin, I would do much more interesting things than tamper with the security center. Not even Linux/OSX/*BSD are secure if you manage to get malicious code running with admin rights. The article got it right (it mentions that the attacking script/app/whatever must be running as admin) but whoever submitted this to Slashdot seems to have missed this tiny, unimportant detail.

The next thing to be said is usually: "But most home users run as admins." (The article also mentions this.) Well, that's not a Windows problem; that's a user problem. Even if Windows forced users to run in "limited mode" (which would cause an outcry in itself - "eek, Microsoft is trying to take away control over our own computers from us"), it also doesn't help that most third-party software for Windows requires admin rights either to install or *gasp* to run. Of course, this is ancient news to everyone with a clue .. nothing to see here, move along.

Of course, even when running as admin, protecting yourself against malicious code is fairly trivial; simply use a firewall (SP2 incidentally includes one), don't run binaries from untrusted sources, surf the web and check your email using something other than IE/Outlook [mozilla.org], use a virus scanner/shield, and keep your apps and OS updated. Again, no news to anyone with a clue.

Re:Running as admin? (0)

Anonymous Coward | more than 9 years ago | (#10077846)

"not a Windows problem; that's a user problem"

Boy do you need a serious beating.

Please get the fuck out of the computing world, you're an embarrassment to the rest of us.

Confirmed (1)

SkiddyRowe (692144) | more than 9 years ago | (#10077769)

I did a refresh of an XP Home update, and SP2 was at the top of the list. Pretty interesting, the boot screen now says "Windows XP" with no reference to Home or Professional. The scrolling bar color also changed. Now it looks like I have XP Pro....wait that's still embarrassing....

Die security balloon! Die! (1)

dtfinch (661405) | more than 9 years ago | (#10077796)

I don't want to enable my firewall damnit.

Re:Die security balloon! Die! (1)

Call Me Black Cloud (616282) | more than 9 years ago | (#10077823)


You can turn off the warnings from the control panel. Open up the "security" applet (or whatever it's called) and there is an option to control notification.

So let me get this straight (1)

Bandit0013 (738137) | more than 9 years ago | (#10077813)

It's possible to write a virus exploiting an insecure machine...

Really now? How interesting *dripping sarcasm*.

This isn't news. In fact I'd say this whole article is a troll.