* via http://theMezz.com/lists

* subscribe at http://techPolice.com

FBI Computer Security Arm Warns of Windows XP Holes
By Reuters, 12/24/2001

SAN FRANCISCO (Reuters) - The FBI's National Infrastructure Protection Center has 
urged users of Microsoft's Windows XP operating system to disable a feature that could 
leave computers open to attacks from hackers.

In a statement issued on Saturday, the FBI's NIPC, which usually leaves computer 
security warnings to the private sector, said it held technical discussions with 
Microsoft Corp. (MSFT.O) and other industry experts on Friday to identify ways to 
minimize the risk from security holes in the XP software, which was launched in late 

A Microsoft spokesman said he had no comment on Monday on the NIPC statement.

The software giant announced last week it had found two vulnerabilities in its new 
operating system that could leave computers running it open to hackers and at risk of 
being temporarily shut down from a denial-of-service attack or used in such an attack 
on other computers.

Under a denial-of-service attack, a server is flooded with so much Internet traffic 
that it is made inaccessible to legitimate traffic.

In addition to installing the security patch available from Microsoft's Web site, 
computer users running Windows XP should disable the ''Universal Plug and Play'' 
feature, if they are not using it, the NIPC said in its statement.

Microsoft's Universal Plug and Play software allows devices added to a network to be 
automatically recognized and accessed. It is installed by default on XP systems, can 
be switched on in Windows ME systems and installed separately on the Windows 98 
operating systems.

Microsoft and security experts have warned that hackers could take advantage of the 
feature to gain access to otherwise secure systems by overwhelming computers with data 
flow, a common method used by hackers.

The way that the software recognizes new machines on a network could also be exploited 
by hackers to spoof their way into a system and take control in order to launch a 
denial of service attack, the company and experts said.

The NIPC has issued warnings since Sept. 11 for network administrators to be on alert 
for possible distributed denial-of-service attacks, which could interfere with 
e-commerce and slow-down the Internet if serious enough.

Microsoft has said that Windows XP is its most secure operating system ever.

Microsoft has shipped at least 650,000 copies of XP since it was launched Oct. 25, not 
including units that ship with new PCs, according to marker researcher NPD Intellect.


--via http://techPolice.com
archive: http://theMezz.com/cybercrime/archive
subscribe: [EMAIL PROTECTED]
--via http://theMezz.com

This email was sent to: archive@jab.org

EASY UNSUBSCRIBE click here: http://topica.com/u/?b1dhr0.b2EDp2
Or send an email to: [EMAIL PROTECTED]

T O P I C A -- Register now to manage your mail!

Reply via email to