Featured Articles

Nvidia adjusts GTX 980 and GTX 970 pricing

Nvidia adjusts GTX 980 and GTX 970 pricing

It appears that Nvidia has been feeling the pulse of the market and took some note from comments regarding the original…

More...
iPhone 6 and 6 Plus reviews are up and they are good

iPhone 6 and 6 Plus reviews are up and they are good

Apple is dancing the same dance year after year. It releases the iPhone and two days before they start shipping it…

More...
Amazon announces three new tablets

Amazon announces three new tablets

Amazon has just released three new tablets starting with the $99 priced 6-inch Kindle Fire HD6. This is a 6-inch tablet…

More...
PowerColor TurboDuo R9 285 reviewed

PowerColor TurboDuo R9 285 reviewed

Today we will take a look at the PowerColor TurboDuo Radeon R9 285. The card is based on AMD’s new…

More...
Nvidia Shield Tablet 32GB 4G LTE out for pre orders

Nvidia Shield Tablet 32GB 4G LTE out for pre orders

Nvidia has finally revealed the shipping date of its Shield Tablet 32GB in 4G LTE flavour and in case you pre-order…

More...
Frontpage Slideshow | Copyright © 2006-2010 orks, a business unit of Nuevvo Webware Ltd.
Wednesday, 07 July 2010 09:09

Windows XP has another fatal flaw

Written by Nick Farell


Secunia warns
Fully patched versions of Windows XP and 2000 have another critical vulnerability, which can be exploited by hackers to launch malicious attacks.

Security firm Secunia reported that the vulnerability, which Secunia rates as "moderately critical" is the result of a boundary error in the "UpdateFrameTitleForDocument()" function of the CFrameWnd class in mfc42.dll. The vulnerability can be exploited to cause a stack-based buffer overflow error, which occurs by passing an overly long title string argument to the vulnerable function.

If exploited, the vulnerability can open the door for hackers to launch remote code execution attacks, aimed at taking control of a user's computer and stealing sensitive data.
The only real way to hack a system is to get a user to download a bit of code using social engineering tricks, but that does not really make it less likely to be a problem. The vulnerability has appeared in fully patched versions of Windows 2000 Professional SP4 and Windows XP SP2/SP3, although other versions may also be affected.

Microsoft has not patched the flaw and not yet issued an advisory warning users about the flaw. However it is getting increasingly tired of having to deal with Windows XP and 2000 flaws. The two operating systems are now ancient and much harder to protect than modern operating systems such as Vista and Windows 7.

Nick Farell

E-mail: This e-mail address is being protected from spambots. You need JavaScript enabled to view it
blog comments powered by Disqus

 

Facebook activity

Latest Commented Articles

Recent Comments