Top Threat: Windows Security Center Spoof


shanmuga
08-26-2004, 11:45 AM
"Windows XP Service Pack 2 promises to raise the security bar for the sometimes beleaguered operating system. Unfortunately, one of the new features could be spoofed so that it reports misleading information about system security, or worse, lets a malicious program watch for an opportunity to do damage without being detected.

Due to the nature of WMI, the WSC could potentially allow attackers to spoof the state of security on a user's system while accessing data, infecting the system, or turning the PC into a zombie for spam or other purposes."

"The Bottom Line:

Do we think that end users should upgrade? Yes, Windows XP Service Pack 2 is a must do, especially for end users. However, we would recommend users not take the WSC as gospel. If you use an antivirus, or 3rd party firewall, look at their status panels as a sanity check. Keep your Antivirus, Windows, firewall updates current, and most of all, be very careful of what you run on your system."

Windows XP SP2 Has a Dangerous Hole (http://www.pcmag.com/article2/0,1759,1639276,00.asp)
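The sanity check recommended in the quoted article can be partly automated. This is an added example, not code from the article or from anyone in this thread: it reads what the Security Center has recorded in WMI and compares each claim with whether the product's own service is actually running. It assumes Windows PowerShell and the XP SP2-era `root\SecurityCenter` namespace; the product and service names in the map are placeholders.

```powershell
# Added example: compare what the Security Center's WMI store claims with
# what is actually running. Read-only; run it on the machine being checked.

# ASSUMPTION: maps each product name, as WSC displays it, to the Windows
# service that product really runs. Both entries are placeholders.
$expectedServices = @{
    'Example AntiVirus' = 'ExampleAvSvc'
    'Example Firewall'  = 'ExampleFwSvc'
}

function Test-WscClaim {
    param($Product, [string]$Kind, [hashtable]$ServiceMap)

    $name = $Product.displayName
    if (-not $ServiceMap.ContainsKey($name)) {
        return "$Kind '$name': UNKNOWN (no service mapped, check its own status panel)"
    }

    # Independent evidence: is the product's service really running?
    $svc = Get-Service -Name $ServiceMap[$name] -ErrorAction SilentlyContinue
    $running = ($svc -ne $null) -and ($svc.Status -eq 'Running')

    # The WSC claim: on-access scanning for antivirus, "enabled" for a firewall.
    if ($Kind -eq 'AntiVirus') { $claimed = $Product.onAccessScanningEnabled }
    else                       { $claimed = $Product.enabled }

    if ($claimed -and -not $running) {
        return "$Kind '$name': MISMATCH (WSC reports enabled, service is not running)"
    }
    return "$Kind '$name': consistent (WSC enabled=$claimed, service running=$running)"
}

$ns = 'root\SecurityCenter'
$classes = @(@('AntiVirusProduct', 'AntiVirus'), @('FirewallProduct', 'Firewall'))
foreach ($pair in $classes) {
    $items = Get-WmiObject -Namespace $ns -Class $pair[0] -ErrorAction SilentlyContinue
    if (-not $items) {
        "$($pair[1]): nothing registered in $ns"
        continue
    }
    foreach ($p in $items) {
        Test-WscClaim -Product $p -Kind $pair[1] -ServiceMap $expectedServices
    }
}
```

A MISMATCH line means the Security Center's report and the running system disagree, which is the case where the product's own status panel should be trusted over WSC.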

malcore
08-26-2004, 12:44 PM
Seems like pretty much a non-issue to me.

From the article:

We see the WMI and WSC as an indirect security risk, or hole, or whatever you want to call it

How is this "A Dangerous Hole"?

"Indirect" being the key word there. Also, it is not a hole that allows attackers in. It only allows an attacker access to the Security center through WMI if the attacker has already found a way into the system.

Again, downloading attachments or running .exes without scanning first must be avoided. This has always been true.

The Security Center I feel is meant as a means to alert users they are not up to date or secure, not to confirm that they are. Users must be wise and confirm this for themselves, as has always been the case.

The security center is a placebo anyway. I have disabled it right from the start. I monitor my security myself, as all users should.

Articles like these are designed to draw attention, not really inform.

"If you use an antivirus, or 3rd party firewall, look at their status panels as a sanity check. Keep your Antivirus, Windows, firewall updates current, and most of all, be very careful of what you run on your system."

Has this not been obvious for quite some time? Is SP2 expected to end a user's responsibility for their own security?

ErnieK
08-26-2004, 07:07 PM
The new security centre is meant to be used as a lookout (IMHO). It is not the be-all and end-all for security.

The Win firewall WILL stop incoming threats but it WILL NOT stop outgoing. So if you have previously been infected or allow something into your computer you have no way of being made aware unless you have third party software for that purpose.

I also turned off the security centre right after installation of SP2. (turned off Win firewall/and updates to notify only) My security is my concern and responsibility. As for trusting MS firewall, well it is basically a new thing (I know there is/was a version in SP1) and on MS's previous record I would not trust them with my security.

As for auto updates I have chosen to receive notification but I will, as in the past, be installing them manually just in case, as in the past, there are problems after installation. It also means that I will have the updates stored onto my computer/disk for future use.

I/we will not know whether the MSC will still notify or not when a security patch is released due to the fact that I have it effectively turned off. But once again I will continue to do as I have done in the past, manually check every 3-4 days to see.

My understanding is that auto update will still notify.

My recommendation is install 3rd party firewall.
Do manual updates.

Mark Miller
08-26-2004, 07:22 PM
Totally agree with you guys, the WSC is just a tool.
People here on the forums for any length of time know about their own security and what needs to be checked.
I also found the article not to show any major hole that really has anything to do with SP2, but just reinforces the need to be careful with how you play on the net.
I have upgraded [finally:D ] both my machines and everything is fine.
I don't use the WSC and will continue to use the products that have kept me safe up till now.
I think for me at least until something really critical is found [I am sure it will also] that it is time to move on and get back to enjoying the net and trying to get some work done.
Mark

PrntRhd
08-27-2004, 11:14 AM
I think that whole thing is nonsense, if they get past your firewall and into your PC you are hosed anyway, their breaking into WSC doesn't make any difference at that point.
WSC is only a reminder for those who don't take security seriously that MS recommends having AV and firewall. Of course you aren't going to get them to download SP2 anyway if they don't care.
:rolleyes:

ErnieK
08-27-2004, 05:27 PM
My understanding is that users will have no choice but to install SP2. If they don't do so they will not be able to download forthcoming security patches/updates. Then again there are some folks that choose to swim in dangerous waters then shout for the lifeguard when it is too late.

Mark Miller
08-27-2004, 05:41 PM
Ernie, Well after reading the following article it seems everyone will not be able to use it right now.
http://news.com.com/Windows+update+harbors+AMD+conflict/2100-1016_3-5326707.html?tag=nefd.top
I think they will come up with a patch but I'm beginning to think that if you're well protected you will somehow manage for awhile.
MS themselves have said to wait if you have the particular chips in the article.
Mark

ErnieK
08-27-2004, 05:55 PM
Mark
There is a time period where you can operate without SP2 to give MS a grace period to sort out these glitches/features (well that seems to be MS's present term(s)) but eventually everyone operating XP will need to get it.

I would have thought that MS and AMD would have gotten together and tested all hardware configs out before this.

I wonder if this is somehow related to something that did the rounds a good while ago whereby the OS would/will be tied to the Mobo/Processor (I think it was Intel that proposed it with MS helping to push it :confused:)
I cannot remember the exact details but maybe someone else can or will set me right if I have gotten it wrong.

malcore
08-27-2004, 06:10 PM
SP2 runs fine on AMD-64 chips. Because these chips support DEP at the hardware level (unlike present Intel desktop chips, P4, Celeron, or previous AMD chips), there may be a higher chance one needs to configure exceptions for DEP.

This problem occurs not if you just have an AMD-64 chip, but also have hardware which uses the Mpegport.sys driver.

Microsoft recommends uninstalling SP2 as a "workaround", not as a "resolution". The resolution is to try excluding the application (in this case Sigma Designs Hollywood Plus DVD decoder) from being monitored by DEP.

If I had this problem, I would rather completely disable DEP than uninstall SP2.

Edit- the actual MSKB article: http://support.microsoft.com/default.aspx?scid=kb;en-us;878474

I am getting really irritated with these annoying articles with sensational and misleading headlines like these. It is NOT a conflict with AMD systems. It is a conflict with certain "other" hardware and software which requires the use of a certain driver. This driver will attempt to access memory that is protected by DEP (at the hardware level by the DEP capable AMD-64 chips) and will be shut down.

The article's headline and first paragraph make it sound like AMD-64 chips are not compatible with SP2, which is ENTIRELY false. In the immortal words of uncle jabar : GEESH!.:p

Another sensational article (http://blogs.zdnet.com/index.php?p=406) on the same subject. At least here there are reader responses which put the situation in a clearer and more accurate light.

May be time for me to put the kybosh on reading CNET or ZDNET articles. ;)

Mark Miller
08-27-2004, 07:25 PM
Malcore, I think you're right. I read the article and I thought it was the chip, not additional software.
Mark