Wifi Password Recovery - UTM - Vulnerability Scanning


VIP LOUNGE
CLOUD LOGIN
Sun Sun Sun

You are here: News > News > Exploit on XP carried out by Google employee

» IT Security NEWS
 
» 11 June 2010
Exploit on XP carried out by Google employee

 

It was reported just recently that both the Microsoft products Windows Server 2003 and Windows XP were exploited. These service packs were discovered to have vulnerabilities, which were not yet updated by the company and the said glitches were abused by an engineer from the web giant Google. Tavis Ormandy, the suspected individual, was deemed to have let loose a malicious code, which directly attacked the faults on the two items.
Even little functions are proven to be unsafe
The operating system Windows XP has a security vulnerability found on its Help Center. The Help function of XP makes use of a white list that consists of links, which will direct users on getting information they need. However, the security fault on the Help Center allows a vicious criminal to add a malicious link without difficulty.
This vulnerability can greatly affect the Internet Explorer browser as well as the other browsers on one’s computer system. In addition, a running Windows Media Player may increase the risk of the system from being attacked by a hacker.
Violation of protocol is evident
The issue wherein how Ormandy was able to broadcast the said security vulnerability became more controversial than the main concern itself. It became arguable because Ormandy violated the protocol that has been agreed upon by many.
He should have reported the detected vulnerability to the concerned company and waited until it gets patched up. He should have also waited until the update for the glitch has been released by the company before he broadcasted his newly-learned knowledge to the users and the vicious criminals.
Ormandy went around the protocol and he distributed the information on what code may be used to manipulate the glitch on the two products. He posted the data on an open security mailing list before he told Microsoft about what he discovered five days prior.
Criticism can never be avoided
The Google employee received criticism from Susan Bradley due to his unruly action. As said by Bradley, the Google engineer should have waited for Microsoft’s reply and he should have been more persistent with regards to sending loads of e-mail so that he can get the company to consider his concerns. Bradley believed that it was not right for him to just broadcast the information about this unpatched hole.
Know more about SecPoint by viewing the following links: About SecPoint, SecPoint News, and SecPoint Awards.
 

 


Reviews of SecPoint.com
 
 
 
 
 

Awards & Reviews
  

  

Subscribe to our Mailing List

Customer References


About
About
SecPoint
History
Mission Statement
Vision
Management
Investment
Bank
Sponsorship
Certificates
Environment
Environment
What is RoHS Weee?
Accounting
Values
Member of Organisations
Merchandise
SecPoint Certification
Design
Status Information
Hardware Vendors
Jobs
Environment
SecPoint on social media
Twitter Facebook Youtube
Products
Products
Protector
Cloud Protector
Penetrator
Portable Penetrator
Cloud Penetrator
Free IT Security Tools
Pricing
SecPoint Brochures
SecPoint Questions FAQ
SecPoint Datasheets
SecPoint SPID Library


Partners
Partners
Become a SecPoint Affiliate
Become a SecPoint Partner
SecPoint Franchising
SecPoint Partner Lounge
News
News
Press
Product Awards
SecPoint RSS Feeds


Contact
Contact
General Contact
IT Security Products Webshop
Latest SecPoint Software Images Change Log
SecPoint FAQ Frequently Asked Questions
SecPoint on Twitter
SecPoint Sales Training Videos
SecPoint Shipping Cost
SecPoint World Wide Shipping
Support
Solutions
Anti-Spam Appliance
UTM Appliance
Penetration Testing
Proxy Appliance
SAAS
Spam Filters
Vulnerability Assessment
Vulnerability Scanner
Vulnerability Scanning
Vulnerability Scanning Appliance
Web Content Filter
Web Filter Appliance
WiFi Hacking
How essential is vulnerability
management?
What is ...?

Encyclopedia | Free Scan Statement | Link Policy | Privacy Statement | Resources | Sitemap | User Policy
© Copyright 1999-2012: SecPoint®
SecPoint ApS Noerregade 7B - 1165 Copenhagen K - Denmark
US Toll free: +1-888-704-7297 - EU: +45-70-235-245