Discussion in 'other security issues & news' started by Nanobot, Jul 23, 2014.
and so it begins
I'm surprised that there weren't more 0-day vulnerabilities disclosed for Windows XP in previous months. I'm sure there will be others following this one.
That is because you believed FUD/propaganda that originated from Microsoft
But leaving that aside, while I'm sure that more vulnerabilities will be found in Windows XP, I don't think that their number will be as big as people were afraid it would be...
Well, not really I just thought that hackers/agencies/governments would stockpile vulnerabilities and start using them after XP support has ended. Though they might be saving them and will use them when they'll need them.
"Affected Product: Bluetooth Personal Area Networking"
So you have to have a Bluetooth device on your XP machine and it seems communicate with that device to inject the nasty. It would require the hacker to be within feet of your computer...
More vulnerabilities will soon emerge...
No, it just requires that you have that driver installed and to be able to run code on that computer. However, if you don't use Bluetooth you don't even have that BthPan.sys unpacked on your XP computer (from my experience), so there is no chance for an attacker to exploit this vulnerability.
I checked my Windows XP VM installation and found BthPan.sys extracted in c:\windows\system32\drivers folder although I have no Bluetooth device installed. I also never installed or attached any BT device. However I don't know if the driver is loaded during system startup.
Use Sysinternals Autoruns to check whether it's loaded?
Edit: or buy Windows 7 and some RAM. Or a decent used computer, Pentium D era or later. Seriously, I love messing around with old hardware, but there's a point at which the increased capabilities of new machines start to justify spending money. (Especially given the maintenance time that can go into maintaining old machines.)
Windows XP is dead, time to get a new O/S.
Home or Pro?
On my Home SP3 the only place where that file resides is inside c:\WINDOWS\Driver Cache\i386\sp3.cab
Windows XP Pro Sp3 with all updates installed.
That might explain the difference.
I used Autoruns and it doesn't show it as loaded, so it looks like it's just extracted there in case user ever attaches BT device to computer.
I use Windows XP in Virtualbox for testing purposes only. I use Windows 8.1.1 for my computing...
Same here. Can you just blacklist that driver? Or because I'm using Driver Radar Pro, can it just be removed from my DRP Whitelist?
CVE-2014-4971 includes more than has been mentioned in this thread so far.
They might not be nice enough to tell us what they have .
Interesting, indeed. From the link you posted, it seems that there are two different vulnerabilities that are exploited in (roughly) the same way.
I wouldn't count on it
It`s kind of exciting, the start of the avalanche and kind of, is that all ?
Yawn, the same old mantra. I have a perfectly health Lenovo Tablet that runs XP Tablet. Upgrading it would be a mess. I see no reason to as the software that protected it for the 3 years I did no windows updates is still protecting it. No infections.
@MrBrian, is the MQAC driver loaded on a typical XP Home or Pro desktop install? Because the Message Queuing service that uses it is not installed by default:
LOL ! I have a Lenovo Tablet that I use to get my car out of snow drifts as the all Chinese bits give extra grip. Seriously, no one would keep and aged non supported O/S in service with anything important on it.
Do you have XP SP4 installed yet ? Amusing thread here, too.
That link is more Microsoft FUD. You didn't read what I wrote. I haven't done windows updates on that machine for 3 Years, I repeat 3 years. I've used the same software to protect that I am still using. NO INFECTIONS. I see no reason to retire it until it fails.
And no I wouldn't even consider that SP4
Separate names with a comma.