R
R.Wieser
XP Guy,
I stand corrected. 10 years of having patch tuesday made me think it was a
bit longer.
You touched a pet peeve of mine: how come we've never been able to easily
tell XPs services to close their network connections ? (MS information to)
some services tell me they should not be stopped at all, otherwise *local*
functioning could be jeopardized. Worst of all is port 445 (which service
is not even present in the list), which can only be permanently stopped from
opening its port by feeding the apropriate service false protocol info by
hand-editing the registery...
Most security problems do not seem to be related to the network itself, but
to how the incoming data is handled by apps/services connecting to the 'Web.
Just think back to how the "auto preview" function of OE was easily foolded
by telling it a certain attachment had a 'music' content type, but the file
itself being an executable. If you looked at the wrong email you where
infected.
Or the .WMF file with its *placed in the image file itself* executable (with
ofcourse full acces to everything) code to handle printer errors.
Currently the focus has shifted to internet accessable content, but
infection method has mostly stayed the same: make the victim use some
vunerable component and you're in. And there are lots of those.
And lets not forget the auto-starting of inserted media, like CDs and USB
devices, and even network drives ...
With XP usage being 25%+ I have no doubt to that.
Regards,
Rudy Wieser
-- Origional message:
The regular monthly patch cycle did not exist until probably 2004
I stand corrected. 10 years of having patch tuesday made me think it was a
bit longer.
The truth is that Win-9x/me has alway been harder to break into
from a remote access point vs the NT line (2k/XP etc).
You touched a pet peeve of mine: how come we've never been able to easily
tell XPs services to close their network connections ? (MS information to)
some services tell me they should not be stopped at all, otherwise *local*
functioning could be jeopardized. Worst of all is port 445 (which service
is not even present in the list), which can only be permanently stopped from
opening its port by feeding the apropriate service false protocol info by
hand-editing the registery...
9x/me was never vulnerable to network worms the way NT was -
because of all the open ports and services that OS's like 2K and
XP turn on by default.
Most security problems do not seem to be related to the network itself, but
to how the incoming data is handled by apps/services connecting to the 'Web.
Just think back to how the "auto preview" function of OE was easily foolded
by telling it a certain attachment had a 'music' content type, but the file
itself being an executable. If you looked at the wrong email you where
infected.
Or the .WMF file with its *placed in the image file itself* executable (with
ofcourse full acces to everything) code to handle printer errors.
Currently the focus has shifted to internet accessable content, but
infection method has mostly stayed the same: make the victim use some
vunerable component and you're in. And there are lots of those.
9x/me was never vulnerable to network worms the way NT
was - because of all the open ports and services that OS's
like 2K and XP turn on by default.
And lets not forget the auto-starting of inserted media, like CDs and USB
devices, and even network drives ...
I fully expect that future patches for other system files made for
Vista and Seven will be tried on Win-XP by power-users and
enthusiasts,
With XP usage being 25%+ I have no doubt to that.
Regards,
Rudy Wieser
-- Origional message: