Windows XP Service Pack 2 vulnerable to DoS attacks

Windows XP Service Pack 2 vulnerable to DoS attacks

In spite of Microsoft claiming that the Windows XP Service Pack 2 is their safest offering yet, the security flaws continues to appear on a regular basis. The latest is this revelation by the company that a fully patched and updated Windows XP system retains a security flaw in the Windows Remote Desktop Service. This service enables users to access their Windows based workstations from a remote location.

This flaw can reportedly let a hacker remotely exploit the problem to crash a victim’s PC through a denial of service attack. This results in a BSOD (Blue Screen of Death) appearing on the user’s machine. Microsoft has confirmed that they are already working on fixing this problem. A company representative said in a statement: “The issue was originally privately reported to Microsoft and we are working on an update that will be released when it is of the appropriate quality. The concern is that this has now gone public, potentially putting customers at risk.”

Microsoft was made aware of this flaw on May 4 by the security agency and they now plans to release the update in the next month’s security update which they release on a monthly basis. One of the major problems is that fully updated windows with Windows Firewall enabled (with default settings) are still vulnerable to this flaw. However, the company claims that the OS is shipped with the affected service disabled by default.

Secunia has rated this security issue as “moderately critical”. Another security firm iDefense has said: “It does not look like it is more than a DoS. An attacker won’t be able to take over your PC, but could knock it offline.” Therefore, it is not that bad as it sounds…