Introduced in Service Pack 2, along side many other security features, Windows XP gained the "security center" (screenshot). A nice addition, and a central place for people to check their system's security status. So we thought.
eWeek and PC Magazine have published reports suggesting that the system can be spoofed very easily, allowing potentially nasty programs to perform un-wanted tasks. "Based on an anonymous tip, we looked into the WMI and the Windows Security Center's use of it, and found that it may not only be a security hole, but a crater in the wrong hands. Due to the nature of WMI, the WSC could potentially allow attackers to spoof the state of security on a user's system while accessing data, infecting the system, or turning the PC into a zombie for spam or other purposes."
The PC Magazine article explores the problem and how it can be exploited in good depth. It makes very depressing reading for users who had hoped that Microsoft had over-come this kind of problem with Service Pack 2. Microsoft responded to the article suggesting that they didn't think it was a problem at all; they added that you needed to be running as an administrator for it to be an issue; true, PC Mag agreed, but they also noted that XP Home runs (by default) as Admin, and most users of XP Pro make themselves administators to save hassle when installing and running programs.
Service Pack 2 is a necessary upgrade for all users, and everyone should install it. However, as the article and Neowin recommend, don't rely to heavily on these new security features. Ensure you update Firewall / AV / Windows often, and check the status of your protection often. Microsoft will never be able to be 100% safe / problem free, but they are trying, and should be commended for their effort.
View: Read more at PC Magazine | eWeek Article
Download: Service Pack 2
-1 Comments - Add comment