Russian company picks hole in XP Service Pack 2

Russian security company Positive Technologies has released a patch to a security hole it said it discovered in Microsoft Corp.'s Windows XP Service Pack 2 (SP2) last year.

"We found two small flaws that a programmer could use to go around the SP2 mechanism Data Execution Protection (DEP)," said Positive Technologies Chief Technology Officer Yury Maximov on Monday.

As Microsoft explains on its Web site, DEP is a set of hardware and software technologies that perform additional checks on memory to help prevent malicious code from running on a system. According to Maximov, Positive Technologies informed the Redmond, Washington, software maker on Dec. 22 about a problem with DEP and was told to wait for a response from the company.

"It has been over one month and we have not heard from Microsoft, so we decided to issue our own patch," Maximov said. "We understand that Microsoft wants to protect its product, but we feel it is more important for people to know about the problem and to know there is a tool to protect them."

Maximov added that it was his understanding that hacker groups were already working on ways to exploit the holes in DEP so as to insert rogue code into a PC's memory.

Representatives from Microsoft could not immediately be reached for comment.

Positive Technologies, in Moscow, has developed a temporary security measure, which it made available on Friday as a free utility called PTmsHORP, Maximov said.

The security hole cannot be fully eliminated by a separate patch, according to Maximov, and Positive Technologies assumed that Microsoft was not going to publish the problem or issue a security fix before the release of Service Pack 3, he said.

The PTmsHORP utility can be can be found online for download at http://www.ptsecurity.ru/ptmshorp.asp or at http://www.maxpatrol.com/ptmshorp.asp.

Join the newsletter!

Error: Please check your email address.
Show Comments

Market Place

[]