Рет қаралды 244
Visit my Linktree to access my socials and other channels: linktr.ee/mausolfb
-----------------------------------------------------------
. In the initial release of Microsoft's Windows XP operating system an exploit was soon discovered by security experts within the new "Help and Support Center" (HSC) that enabled malicious websites, e-mail messages and other means using URLs to delete files on the host machine. HSC is a feature of Windows XP that added enhanced support capabilities for troubleshooting in Windows and one of those involved troubleshooting hardware. One option was building an XML file of your system's hardware information and sending that to Microsoft for diagnosis. Afterwards HSC would delete the generated XML file from the host machine when HSC is closed. It's this in particular where the exploit stems from. Some special-made utilities and Service Pack 1 would patch this exploit.
The exploit: By abusing the HSC's HCP reference URL (hcp://) a link could be generated that used the hardware diagnostics section of HSC and by combining it with arguments to point to a folder can delete specific/all files in specified directory. Users would click on the link on malicious websites, chatrooms, etc or through e-mail messages (sometimes it is embedded within the e-mail to run automatically when viewed) to run the exploit. However the exploit uses simple file deletion therefore file permissions and other file conditions are still enforced. So if a file is in use or has special permits that prohibit deletion/modification then the exploit halts at that point and does not continue.
The Screen Savers segment on this exploit: • The Screen Savers - Bo...
Microsoft Security Bulletin on this exploit: learn.microsoft.com/en-us/sec...
The XPdlite utility featured for patching this exploit: www.grc.com/xpdite/xpdite.htm
-----------------------
Like the Facebook page: / brian.mausolf
Follow me on Twitter: / mausolfb