• Downloads
  • Threats
    • Adware
    • Browser Hijacking
    • Rogue Anti Spyware
    • Virus
  • Questions and Answers
  • Recover Encrypted Files
  • Free Malware Removal Tools

My AntiSpyware

Free antispyware software, Online Scanners, Instructions on how to remove spyware and malware.

Menu
  • Downloads
  • Threats
    • Adware
    • Browser Hijacking
    • Rogue Anti Spyware
    • Virus
  • Questions and Answers
  • Recover Encrypted Files
  • Free Malware Removal Tools
Home › Exploits & Vulnerabilities › Windows XP SP1 and Windows 2000 DoS vulnerability

Windows XP SP1 and Windows 2000 DoS vulnerability

Myantispyware team November 21, 2005     No Comment    

A potential vulnerability in Windows 2000 Service Pack 4 and Windows XP Service Pack 1 has been publicly revealed by the French Security Incident Response Team. The organisation has drawn the ire of Microsoft by publishing details of a proof-of-concept exploit that targets the vulnerability.

According to the author, a specially crafted request to upnp_getdevicelist can cause services.exe to eat up memory to a point where the target machines virtual memory gets exhausted. As result, user requests like opening a window would slow to the point of not executing at all and precipitating a denial of service attack

Microsoft has admitted that the exploit is genuine. In a security advisory it confirmed the vulnerability with Windows 2000 and Windows XP Service Pack 1. However, Redmond points out that for the exploit to work on XP SP1, the hacker would have to have a valid login although the affected component is accessible by remote users with standard accounts. The company also confirmed that users with XP Service Pack 2 are not affected.

Microsoft is a little tetchy about the release of the exploit saying that it was ‘concerned that this new report of a vulnerability… was not disclosed responsibly, potentially putting computer users at risk’.

Exploits & Vulnerabilities

Author: Myantispyware team

Myantispyware is an information security website created in 2004. Our content is written in collaboration with Cyber Security specialists, IT experts, under the direction of Patrik Holder and Valeri Tchmych, founders of Myantispyware.com.

Leave a Reply Cancel reply




New Guides

Qqlc virus file
How to remove Qqlc ransomware, Decrypt .qqlc files.
If you are 18 click Allow scam
If you are 18+ click Allow SCAM (Virus removal guide)
Win new Apple iPhone 13 Scam
Win new Apple iPhone 13 pop-up scam (Virus removal guide)
Edetaailshi.hair scam
Edetaailshi.hair Virus Removal Guide
News-zujaha.cc scam
News-zujaha.cc Virus Removal Guide

Follow Us

Search

Useful Guides

Best free malware removal tools
Best Free Malware Removal Tools 2020
adwcleaner
AdwCleaner – Review, How to use, Comments
How to reset Internet Explorer settings to default
Managed by your organization chrome virus
Chrome Managed by your organization malware removal guide
Tech Support Scam
Remove Tech Support Scam pop-up virus [Microsoft & Apple Scam]

Recent Posts

Malicious .biz site and browser vulnerabilities
Protecting kids from spyware, adware and malware
How to show hidden files in Windows
Lock down your browser
IE-SPYAD: Restricted Sites List for Internet Explorer

MYANTISPYWARE.COM

  • About Us
  • Contact Us
  • Privacy Policy

NEED A HELP ?

If you're seeing unwanted pop-ups or ads in your web-browser, you might have an adware installed on your computer. Use the following guide to stop pop-up ads and remove malicious software. Or ask for help here.

Links

  • Downloads
  • Instructions
  • Questions and Answers
  • Free Malware Removal Tools
Copyright © 2004 - 2022 Myantispyware.com - Free antispyware programs and Spyware Removal Instructions.