Windows system >> Windows XP System Tutorial >> XP system basics

IE browser security flaws in Microsoft Windows XP SP2

  
        A security researcher found that new flaws in Microsoft's Windows XP Service Pack 2 could result in people being put into executable programs on this completely patched system. The researcher is known as the operator of the Http-equive and Malware.com websites. He found a flaw in the local security zone of Microsoft Internet Explorer, which can exceed the security restrictions of the local security zone by using Html's help control. Researchers have found that if combined with another single defect, that is, drag and drop operations can make the system executable, the result of the attack is the implantation and execution of potentially malicious code from external websites. The researcher provided proof of concept illustrations on the website. The conceptual illustration of the drag-and-drop component goes beyond the scope of Microsoft's recently released related defect patch. Larholm, a senior researcher at PivX Solutions, points out that Microsoft patches designed for MS04-038 do not directly address drag-and-drop issues. Microsoft patches protect against defects by limiting the types of files used by DYNSRC. Larholm pointed out that DYNSRC stipulates the address of the media target used by the web page, as the defect finder pointed out in the original report, this restriction can be taken. He also said that this problem is relatively small, and Microsoft can solve it without much trouble. During this time, users can configure "Kill Bit" in the registry to prevent special command line targets from working (Shell.Explorer). A registry fix to fix this defect is available on the PivX website. The security company said that in order to implant and run the attack program, the user must perform a drag and drop operation. In actual attacks, users may be tempted by files such as images or music, which may contain attack programs. A Microsoft spokesperson said the company is investigating a flaw in Window XP Service Pack 2, which allowed an attacker to implant malicious files in the user's system.
XP system basics
Windows system
How to improve the running speed of Windows XP system

        When it comes to Windows XP, many people may think that it is just an operating system that

Changing the administrator account name in XP to prevent hacking (1)

In a computer running Windows XP Home and Professional, there is a built-in administrator account na
The volume control alternative method

from the volume control, many friends will remember the small speaker-like volume icon in the system
Windows XP can also burn disc

. 1. Basic settings Windows XP can recognize many brands of burners, so the system will automatical
DIY a beautiful XP system startup screen

        There are many people who like to change the WinXP splash screen. I hope that I can use my o
Let the activation of WindowsXP system do it once and for all

        Usually, after we reinstall Windows XP, we must re-activate the Internet or dial a dedicated
  • XP system application skills
  • XP system basics
  • Xp FAQ
  • About XP system tutorial

    • ModernMix runs new interface applications on Win8 traditional desktops

    Win8 system backup and disk partition

    What should I do if the Win10 AMD graphics card stops working after setting the application mode?

    Several reasons for Windows 7 to subvert the Vista system

    Techniques for Handling Shared Interrupts in Linux

    Solve the problem of Firefox uncontrolled memory usage

    Lenovo computer Win7 system in the BIOS to enable the network card tutorial

    What should I do if the win7 system computer volume is adjusted to the maximum sound or is it small?

    Remove the useless items in Windows XP "Custom Notifications"

    What should I do if win8.1 encounters error 651?

  • Windows XP System Tutorial
  • Windows 7 System Tutorial
  • Windows 8 System Tutorial
  • Windows 10 System Tutorial
  • Windows 2003 System Tutorial
  • Windows 2008 System Tutorial
  • Windows Vista System Tutorial
  • Windows tutorial synthesis
  • Windows Server System Tutorial
  • Linux system Tutorial
  • Computer software Tutorial
  • Windows NT Tutorial
    • Copyright © Windows knowledge All Rights Reserved