Barney's Blog

Blog archive

No Surprise: Exposed XP Flaw Now Exploited

On Monday I told you how Google publicly disclosed an XP Help flaw that had yet to be patched. As of then, there were no reported attacks, but I wondered aloud how long it would take to exploit this now well-known and understood hole.

It didn't take long -- Microsoft now says hackers are now going after the flaw which allows for remote code execution.

Some of you were on Google's side, arguing that Microsoft has no real motivation to fix a hole if no one knows about it. Others believe it is irresponsible to tell hackers how they attack our software. The latter group seems to have some pretty good evidence on their side.

What is your take? Let me know at [email protected]

Posted by Doug Barney on June 18, 2010 at 11:53 AM


Featured

  • The 2022 Microsoft Product Roadmap

    Microsoft has a lot in the docket for 2022, including new products like SQL Server 2022, Exchange Subscription Edition and Visual Studio 2022 for Mac.

  • Microsoft Releases Entra Verified ID Service

    Microsoft announced on Monday the "general availability" of Microsoft Entra Verified ID, a new service that promises a more deliberate way for individuals and organizations to share identity information.

  • 2022 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.

  • Microsoft Muddies Water with Microsoft 365 Services and Office Connection

    Microsoft has gone out of its way to making the Office 2016 and Office 2019 connections to Microsoft 365 services unclear and confusing.