Page 1 of 2 12 LastLast
Results 1 to 15 of 19
  1. #1
    Plutonium Lounger
    Join Date
    Oct 2001
    Location
    Lexington, Kentucky, USA
    Posts
    12,107
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: READ THIS NOW! (WXP pre-SP1)

    What is this link, Fish? When I access it, my McAfee jumps up telling me I've accessed a virus infected file. The only choice it offers me is to delete the file from my (I guess) cache, so I did that! I dropped out and did a complete system scan and it seems I'm OK. What's the story? If this is a risk IP address, I think the post should be deleted immediately. I entered the IP address alone, as a URL and it shows a picture of George Bush and when I looked it up with Neo Trace it says it belongs to Shaw Cable in Alberta. What's going on?

  2. #2
    Platinum Lounger
    Join Date
    Jan 2001
    Posts
    3,788
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: READ THIS NOW! (WXP pre-SP1)

    It refers to a security flaw that could potentially allow for all files in a directory to be deleted. Another site with details and a fix for this is at http://grc.com/xpdite/xpdite.htm

  3. #3
    Super Moderator
    Join Date
    Dec 2000
    Location
    Renton, Washington, USA
    Posts
    12,560
    Thanks
    0
    Thanked 4 Times in 4 Posts

    Re: READ THIS NOW! (WXP pre-SP1)

    They are BOTH nothing but ads to sell you " XPdite". They are using the headlines of todays issues out of MS to sell their products.
    <img src=/S/bwaaah.gif border=0 alt=bwaaah width=123 height=15>

    Now running HP Pavilion a6528p, with Win7 64 Bit OS.

  4. #4
    Plutonium Lounger
    Join Date
    Oct 2001
    Location
    Lexington, Kentucky, USA
    Posts
    12,107
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: READ THIS NOW! (WXP pre-SP1)

    Dave AND Tony: Did either of you VISIT the link Fish provided and if you did, did you receive a warning from your antivirus software about contamination of any kind? I'm trying to sort out whether I had a "false alarm" (in which case it happened twice) or if that link is a malicious site, one of the "you better not visit THIS URLs." XPdite is free and I have it installed, so I wouldn't think that would cause me to have a unique problem with (at) that URL. It's rather unusual to see URLs floating around in IP number form, rather than name. I'm a suspicious guy I guess, but I'd like to be sure in this case.

    Oh, one more thing. Take OFF the helpcenter.htm from the link and just visit the raw IP number. Then tell me if that looks like a legitimate sales site.....

  5. #5
    3 Star Lounger
    Join Date
    Aug 2001
    Location
    Darkest Kent, UK., Kent, England
    Posts
    257
    Thanks
    0
    Thanked 0 Times in 0 Posts

    READ THIS NOW! (WXP pre-SP1)

    <P ID="edit" class=small>(Edited by Claude on 06-Oct-02 01:21. removed clickable hyperlink to avoid possible virus warnings by some AV software)</P>Apologies if this is old news to you. If you don't know, get to know. BIG hole in XP security.

    Take a look: http://24.78.2.184/helpcenter.htm

    NB:Those with SP1 loaded don't need to worry (apparently).

  6. #6
    Platinum Lounger
    Join Date
    Dec 2000
    Location
    Hornsby Heights, New South Wales, Australia
    Posts
    3,822
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: READ THIS NOW! (WXP pre-SP1)

    As mentioned by DaveA, this appears to be nothing more than an attempt to push some software product. Furthermore, it is definitely not a good idea to post links based on IP numbers. The given number resolves to a user at tb.shawcable.net, an unknown person with a permanent cable connection. The language used on some of pages on that site is definitely no keeping with the lounge philosophy. Hence my editing of your post.
    Cheers, Claude.

  7. #7
    Platinum Lounger
    Join Date
    Dec 2000
    Location
    Hornsby Heights, New South Wales, Australia
    Posts
    3,822
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: READ THIS NOW! (WXP pre-SP1)

    It looks to me as though McAffee is giving you a false positive BigAl, It's probably reacting to the script items shown on that page. My AV didn't react until I created an actual script out of the contents on that page. Thanks for your warning though.
    Cheers, Claude.

  8. #8
    4 Star Lounger
    Join Date
    Jan 2002
    Location
    USA
    Posts
    531
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: READ THIS NOW! (WXP pre-SP1)

    One of the most significant things about this security flaw that has been covered in posts since early September that is fixed by naming the file anything else, or simply deleting it, and that Microsoft addressed with SP1 is that Microsoft and their ex-US Attorney 'Security Czar' made more efforts covering the flaw up for eleven weeks prior to September 9, than they have in patching it and energy that could have gone toward OS improvements like adding scanreg /restore from the run box which is sometimes superior to System Restore or making the Search Companion find more of what it is supposed to. Cover up can be justified for a small amount of time perhaps to give Redmond a chance to patch the never-ending flaws in their code, but never for eleven weeks--and this was not a small pin prick--it was a huge chance for someone to wipe out directories in any XP work station anywhere.

    defrag

  9. #9
    Plutonium Lounger
    Join Date
    Oct 2001
    Location
    Lexington, Kentucky, USA
    Posts
    12,107
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: READ THIS NOW! (WXP pre-SP1)

    Well, thanks for the study, Claude. I hope Fish won't think I'm a "Chicken Little" when he comes back. Just so you guys see what I saw, I'll include a screen shot of what popped up. I made it so I could see what element in the cache was being flagged. I don't know whether McAfee is smarter than the competition for being able to pick up one single command on a web page that would be dangerous, OR is it dumber for not being able to recognize the this really isn't a script that would do harm. I don't know, but I'd rather be warned than be sorry later - as long as it doesn't happen TOO often. Thanks again, Claude!
    Attached Images Attached Images

  10. #10
    5 Star Lounger PaulB's Avatar
    Join Date
    May 2002
    Location
    Ottawa, Ontario
    Posts
    765
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: READ THIS NOW! (WXP pre-SP1)

    I visited this site and got the same McAfee warning. Checked out the site. Appears to be just another vanity shrine.

    The reference to XPdite is valid, though. This utility was developed by Steve Gibson (of ShieldsUp fame) at GRC.com. Those of you familiar with Fred Langa's LangaList will know he thinks rather highly of ShieldsUp and what it can do to point out security deficiencies on your internet connection.

    The utility is free (I downloaded/installed it prior to SP1). Those of you who have installed SP1 don't need it.

    Cheers,
    Regards,
    PaulB

  11. #11
    Uranium Lounger viking33's Avatar
    Join Date
    Jun 2002
    Location
    Cape Cod, Massachusetts, USA
    Posts
    6,308
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: READ THIS NOW! (WXP pre-SP1)

    Big Al,
    I went out to the site also and did not get any virus alert from Norton, with and without the helpcenter add on. I think it's another false positive from McAfee.
    But, maybe it's better to be safe than sorry!
    Bob
    BOB
    http://lounge.windowssecrets.com/S/flags/USA.gif http://lounge.windowssecrets.com/S/f...sachusetts.gif


    Long ago, there was a time when men cursed and beat on the ground with sticks. It was called witchcraft.
    Today it is called golf!

  12. #12
    Plutonium Lounger
    Join Date
    Oct 2001
    Location
    Lexington, Kentucky, USA
    Posts
    12,107
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: READ THIS NOW! (WXP pre-SP1)

    OR, is it possible that your AV software isn't as good as mine at catching the little bitty stuff that could now be lying in wait to STRIKE! Just kidding, of course, we know that wouldn't happen. Keep waiting for Fish to surface again. He must've swum (swam, swimmed or whatever) out to deep water for a weekend holiday!

  13. #13
    Uranium Lounger viking33's Avatar
    Join Date
    Jun 2002
    Location
    Cape Cod, Massachusetts, USA
    Posts
    6,308
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: READ THIS NOW! (WXP pre-SP1)

    Arrgh, the NortonMcafee wars rears it's ugly head again!!!!!!!!! <img src=/S/notmyfault.gif border=0 alt=notmyfault width=15 height=15> <img src=/S/sorry.gif border=0 alt=sorry width=15 height=15> <img src=/S/smile.gif border=0 alt=smile width=15 height=15>
    Who knows, Al, maybe it's just from your part of the country? HA !
    Bob
    BOB
    http://lounge.windowssecrets.com/S/flags/USA.gif http://lounge.windowssecrets.com/S/f...sachusetts.gif


    Long ago, there was a time when men cursed and beat on the ground with sticks. It was called witchcraft.
    Today it is called golf!

  14. #14
    Uranium Lounger
    Join Date
    Jan 2001
    Location
    Cincinnati, Ohio, USA
    Posts
    7,089
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: READ THIS NOW! (WXP pre-SP1)

    Isn't the "cover up" a moot point now that there is a fix available?
    -Mark

  15. #15
    4 Star Lounger
    Join Date
    Jan 2002
    Location
    USA
    Posts
    531
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: READ THIS NOW! (WXP pre-SP1)

    I don't think it's moot now with all respect due Mark, and neither do a lot of other people :


    1) Eleven weeks was too long to withold the security flaw that could wipe out directories--it wasn't a small flaw like some of the other 55 to date.


    2) They will do it again, and again, and again and the coverup is not about keeping the flaw from being exploited since they know plenty of people are/were onto the exploit-who could do systems damage-it's about Redmond image. I also find it disingenuous for an ex-US Attorney who was named MS Security Czar, Scott Charney in April to have covered up for eleven weeks--but not out of character for the current and recent DOJ. Disingenuous is the order of the day for them.

    3) The company that revealed it to the most people was owned by and did so with Paul Allen's blessing--it was his company, Vulcan Entertainment's Tech TV:
    How Did We Handle the XP Security Hole?


    4) As you can tell by reading threads here and other places, some people are ambivalent about adding SP1--aren't aware of changing the file's name or deleting the PC Health file, and for them it wouldn't be moot--and they paid good money for an OS that wouldn't allow a simple exploit to wipe them out. I just saw a question on an msn xp newsgroup about buying an SP1 out of a box. That person could be waiting a long time for the covered up flaw to be moot.


    5) Although it may be difficult to understand all the nuances and intricacies--for me at least, anyone can understand that Microsoft writes the most code--and it follows that they are the #1 target for security exploits--but with all their resources they could do better than approximately 55 patches since October 25, 2001 and as John Dvorac's recent PC Mag article points out patches spawn bugs as you know better than I. And not as much is written about the bugs from the cascade of patches (close to 55 to date and it will be close to 60 at the end of the week) for Windows XP.

    defrag

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •