Two security flaws in SP2

         

RammsteinNicCage

2:34 pm on Aug 19, 2004 (gmt 0)

10+ Year Member



From heise.de:

With Service Pack 2, Microsoft introduces a new security feature which warns users before executing files that originate from an untrusted location (zone) such as the Internet.

There are two flaws in the implementation of this feature: a cmd issue and the caching of ZoneIDs in Windows Explorer. The Windows command shell cmd ignores zone information and starts executables without warnings. Virus authors could use this to spread viruses despite the new security features of SP2.

Windows Explorer does not update zone information properly when files are overwritten. So it can be tricked into executing files from the Internet without warning.

Well, that was fast.

Jennifer

kevinpate

3:11 pm on Aug 19, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Is expecting M$ to patch its own ware like asking Dracula to run the local blood bank ... cause both appear to produce two new holes :)

Leosghost

3:15 pm on Aug 19, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



kevinpate :)
ROTFALOL .....

bill

7:58 am on Aug 20, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



winnetmag newsletter
Some German security researchers briefly held the spotlight yesterday after they claimed that they were the first to discover flaws in Microsoft's newly released and eagerly anticipated Windows XP Service Pack 2 (SP2) update. But Microsoft was quick to dismiss the claims, arguing that the flaws are theoretical, not actual. By late yesterday, the researchers were forced to admit that they were wrong.
...
The heise Security researchers subsequently admitted that the flaws are theoretical only and that no software code exists to exploit them.

TheDoctor

11:45 am on Aug 20, 2004 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



the flaws are theoretical, not actual

What the heck does this mean? Either the flaws exist or they don't. It's reminiscent of the tobacco companies' claim that the evidence for a link between smoking and lung cancer was "only statistical". It's an attempt to obfuscate sooner than face up to responsibilities.