[Full-Disclosure] Microsoft Windows XP SP2
Michael Young
mikeyoung at milestechnologies.com
Thu Aug 19 20:22:50 BST 2004
Confirmed icon vulnerability as working on SP1 and SP2. I found that
regedit.exe, winhelp.exe, and explorer.exe are also vulnerable and display
their corresponding icon. I am unsure as to how useful this is as a
vulnerability, but it shouldn't be present none the less.
Michael Young
IT Consultant
Miles Technologies
(856)439-0999
-----Original Message-----
From: full-disclosure-admin at lists.netsys.com
[mailto:full-disclosure-admin at lists.netsys.com] On Behalf Of
http-equiv at excite.com
Sent: Thursday, August 19, 2004 11:35 AM
To: full-disclosure at lists.netsys.com
Subject: [Full-Disclosure] Microsoft Windows XP SP2
Let's commence by giving credit where credit is due. The
thinking is that the manufacturer of Windows XP has done a
splendid job in patching their little operating system with 300
million dollar's worth of fixes. This is not exactly 'pocket
change'.
But this is:
1. trivial scripting in the local zone
2. notepad icon regardless of file in XP's little zip thing
http://www.malware.com/malware.sp2.zip
many other 'bits and pieces' to be had but overall a splendid
effort on the manufacturer's part [for now]. Not quite sure
where all that money went though.
End Call
--
http://www.malware.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Full-Disclosure is hosted and sponsored by Secunia.