Controversial XP flaw now under attack

An “irresponsibly disclosed” flaw in the Help and Support Centre of Windows XP is now under attack, according to security firm Sophos.

Controversial XP flaw now under attack

Last week, Google researcher Tavis Ormandy publicly revealed the flaw only five days after warning Microsoft about it.

If a user visits one of the compromised websites that Sophos has detected, a trojan can sneak in through the vulnerability and take over the computer.

Microsoft has updated the security bulletin for the flaw, noting it was “aware of limited, targeted active attacks that use this exploit code.”

The software giant’s security communications director Jerry Bryant told CNet that he expected there will be more attacks “given the public disclosure of full details of the issue.”

The public nature of the bug disclosure angered a few, including Sophos’ security consultant Graham Cluley. “In my opinion publishing exploit code was utterly irresponsible behaviour, and I was worried that having such information floating around the internet would make it easy for cyber criminals to take advantage,” said Cluley in a Sophos blog post, noting “predictably enough” that has now happened.

Ormandy hasn’t yet replied to our request for comment, but said via Twitter: “I report so many bugs, that I did think I would get the benefit of the doubt. Lesson learned I guess.”

Disclaimer: Some pages on this site may include an affiliate link. This does not effect our editorial in any way.

Todays Highlights
How to See Google Search History
how to download photos from google photos