Is there a fix for the xp logoff vulnerability?



I'm sure you all remember the vulnerability in Windows XP where a script can logoff the user in windows XP. Is there any patch or at least a knowledge base article for this. Viewing the script, I think you could run any file on xp if you knew the extension.

I'm posting my preview page. Don't go to the following link. It will only log you off of Windows XP if Active Scripting is enabled or you allow the script to run. Turn off active scripting now and go to the page so you can view the source. Can any known file be executed?

click at your own risk --> XP Logoff Vulnerability Sample


I don't think there is, and for posterity's sake, I would suggest, if you feel the need to post yet another demo site, just type the address rather than make the url a link...some people are just click-happy, and granted it's their fault for being so, but still...


OSNN Veteran Addict
actually that trick works on any NT version of windows with active scripting enabled, thats why I have norton and IE set to ask before running any scripts, saves you the hassle of having to go through stuff like that :p


its not just logoff, it can launch any program INCLUDING DELTREE :eek:

Microsoft have known about it for MONTHS

I can't believe there is no fix. This proves MS do not give a damn about security.


OSNN Veteran Addict
before it launches deltree or such you have to confirm it. or else you'd see so many viruses with this type of exploit it would be out of control :p, just turn off active scripting, you most likely don't need it, or set it to ask before running.

Shamus MacNoob

OSNN Veteran Addict
Political User
I turned off the active scripting thats fine but for some reason NAV2002 did not see that and I would get logged off .....and yes the block scripts is on in NAV ..... wonder what the hell thats all about ...........anyways for now the active scripting is off but worries me NAV let that pass
I just figured out why I don't get logged off... I have XP install on my D: partition... the script is written to target the C: partition/drive. So there's one workaround for you. ;)


OSNN Veteran Addict
NAV isn't stopping it because it isn't listed as a malicious script. it's passing a command to log off, which doesn't cause any damage unless you were writing a report or something..and even then if you have a newer version of word or whatnot it would be NAV lets it pass =/

Shamus MacNoob

OSNN Veteran Addict
Political User
Yes looking back at that you are 100% right Q just sucks is all LOLOLOLOL oh well maybe microscrap will figure something out eh .........


I know know that Trend Micros sees it. Well, it least it saw it when I did the free online scan. Didn't delete the page though, since I want it. I'll bet PC-Cillin stops it.

Members online

Latest posts

Latest profile posts

Perris Calderon wrote on Electronic Punk's profile.
Ep, glad to see you come back and tidy up...did want to ask a one day favor, I want to enhance my resume , was hoping you could make me administrator for a day, if so, take me right off since I won't be here to do anything, and don't know the slightest about the board, but it would be nice putting "served administrator osnn", if can do, THANKS

Been running around Quora lately, luv it there
Electronic Punk wrote on Perris Calderon's profile.
All good still mate?
Hello, is there anybody in there? Just nod if you can hear me ...
What a long strange trip it's been. =)

Forum statistics

Latest member