Windows XP Service Pack 2 promises to raise the security bar for the sometimes beleaguered operating system. Unfortunately, one of the new features could be spoofed so that it reports misleading information about system security, or worse, lets a malicious program watch for an opportunity to do damage without being detected.
The feature is the Windows Security Center, which displays the status of the key elements of your defenses: Firewall, Updates, and Antivirus. If your firewall has been disabled, or your antivirus is out of date, that news will display here. The information is stored in an internal database managed by the Windows Management Instrumentation (WMI) subsystem built into Windows.
Based on an anonymous tip, we looked into the WMI and the Windows Security Center's use of it, and found that it may not only be a security hole, but a crater. Due to the nature of WMI, it could potentially allow attackers to spoof the state of security on a user's system while accessing data, infecting the system, or turning the PC into a zombie for spam or other purposes.
Microsoft offers SP2 compatibility guide
By Jo Best
August 25, 2004, 6:24 AM PT
Microsoft has launched a do-it-yourself kit to help IT professionals assess their software's compatibility with Windows XP Service Pack 2.
Fears among system administrators and IT managers that SP2 may break homegrown applications have already led to delays in corporate launches. To get users back on track and keep developers' blood pressure down, Microsoft is offering the application compatibility testing guide.
The guide, which can be retrieved from Microsoft's Download Center, is designed to help administrators "test and mitigate application compatibility issues." Microsoft adds that the guide is meant for a network of any size and is "as relevant to peer-to-peer environments as it is to Active Directory environments."