Windows XP SP1 Vulnerable to Attacks Based on MS05-039 Flaw

Microsoft posted a security advisory to warn customers using "Simple File and Print Sharing" on systems running Windows XP Service Pack 1 that they are at increased risk for the flaw patched two weeks ago in bulletin MS05-039.

That flaw provided the foundation for the rapidly developed Zobot worm that took down servers at major media outlets and several other high-profile companies running Windows 2000.

"We are now aware of a very narrow and limited case on Windows XP SP1 whereby an unauthenticated attack might be possible. It's pretty specific (and … if you are on Windows XP SP2 or have applied MS05-039, you are not impacted by this)," Debby Fry Wilson wrote on the Microsoft Security Response Center blog Wednesday.

Wilson noted that there is no known attack that is seeking to exploit the scenario, and Microsoft provided a long list of mitigating factors for the flaw. Aside from having no effect if Windows XP SP2 or MS05-039 is installed, the flaw depends on Simple File Sharing, which is not enabled by default and isn't available on systems that are joined to a domain rather than a peer-to-peer workgroup. The flaw also could not be exploited on systems running a firewall, Wilson wrote.

Previously, Microsoft had stated that no unauthenticated attacks could travel across a network in Windows XP or Windows Server 2003. The company since realized that the way Simple File and Print Sharing automatically enables a Guest account and grants it permission to access files across the network can be exploited remotely by an unauthenticated user.

Click here to view Microsoft's security advisory.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.


  • The 2020 Microsoft Product Roadmap

    From the next major update to Windows 10 to the next generations of .NET and PowerShell, here's what's on tap from Microsoft this year.

  • 2020 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss. (Now updated with COVID-19-related event changes.)

  • Microsoft, Google and IBM Among First Members of Open Source Security Group

    Microsoft has joined a high-powered group of tech giants in a new industry foundation aimed at improving the security of open source software.

  • Microsoft In Talks To Acquire TikTok

    A deal between Microsoft and Beijing-based ByteDance is in the works that would have Microsoft acquiring some of ByteDance's holdings in the TikTok social media service.

RCP Update

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.