Is there a fix for the xp logoff vulnerability?

Discussion in 'Windows Desktop Systems' started by Powerchordpunk, Mar 16, 2002.

  1. I'm sure you all remember the vulnerability in Windows XP where a script can logoff the user in windows XP. Is there any patch or at least a knowledge base article for this. Viewing the script, I think you could run any file on xp if you knew the extension.

    I'm posting my preview page. Don't go to the following link. It will only log you off of Windows XP if Active Scripting is enabled or you allow the script to run. Turn off active scripting now and go to the page so you can view the source. Can any known file be executed?

    click at your own risk --> XP Logoff Vulnerability Sample
     
  2. Lactic.Acid

    Lactic.Acid Guest

    I don't think there is, and for posterity's sake, I would suggest, if you feel the need to post yet another demo site, just type the address rather than make the url a link...some people are just click-happy, and granted it's their fault for being so, but still...
    /Lactic
     
  3. MiseryQ

    MiseryQ Guest

    HEY DON'T DO THAT!!! :D...

    That trick works on Win2kADS too...
     
  4. Qumahlin

    Qumahlin Moderator

    Messages:
    2,006
    actually that trick works on any NT version of windows with active scripting enabled, thats why I have norton and IE set to ask before running any scripts, saves you the hassle of having to go through stuff like that :p
     
  5. max

    max Guest

  6. insaNity

    insaNity Guest

    its not just logoff, it can launch any program INCLUDING DELTREE :eek:

    Microsoft have known about it for MONTHS

    I can't believe there is no fix. This proves MS do not give a damn about security.
     
  7. Qumahlin

    Qumahlin Moderator

    Messages:
    2,006
    before it launches deltree or such you have to confirm it. or else you'd see so many viruses with this type of exploit it would be out of control :p, just turn off active scripting, you most likely don't need it, or set it to ask before running.
     
  8. insaNity

    insaNity Guest

    Not with default settigns.
     
  9. Lonman

    Lonman Bleh!

    Messages:
    2,642
    My XP must be broke... I can never get that vulnerability to (ahem) 'work' for me (it doesn't log me off). :p
     
  10. Shamus MacNoob

    Shamus MacNoob Moderator Political User

    Messages:
    4,199
    Location:
    L'Ile Perrot Quebec
    I turned off the active scripting thats fine but for some reason NAV2002 did not see that and I would get logged off .....and yes the block scripts is on in NAV ..... wonder what the hell thats all about ...........anyways for now the active scripting is off but worries me NAV let that pass
     
  11. Lonman

    Lonman Bleh!

    Messages:
    2,642
    I just figured out why I don't get logged off... I have XP install on my D: partition... the script is written to target the C: partition/drive. So there's one workaround for you. ;)
     
  12. Shamus MacNoob

    Shamus MacNoob Moderator Political User

    Messages:
    4,199
    Location:
    L'Ile Perrot Quebec
    Thats cool ........ but dont you think NAV2002 should be able to stop it ???
     
  13. Qumahlin

    Qumahlin Moderator

    Messages:
    2,006
    NAV isn't stopping it because it isn't listed as a malicious script. it's passing a command to log off, which doesn't cause any damage unless you were writing a report or something..and even then if you have a newer version of word or whatnot it would be autosaved...so NAV lets it pass =/
     
  14. Shamus MacNoob

    Shamus MacNoob Moderator Political User

    Messages:
    4,199
    Location:
    L'Ile Perrot Quebec
    Yes looking back at that you are 100% right Q just sucks is all LOLOLOLOL oh well maybe microscrap will figure something out eh .........
     
  15. I know know that Trend Micros sees it. Well, it least it saw it when I did the free online scan. Didn't delete the page though, since I want it. I'll bet PC-Cillin stops it.