More vulnerabilities are found in Microsoft Windows XP SP2!

According to security researchers, they began to discover a vulnerability in Microsoft's latest security upgrade software Windows XP SP2.

The German Heise security vendor reported last week that the two vulnerabilities in Windows XP SP2 can be used to bypass the security warning boxes displayed when running untrusted software, this provides an opportunity for possible attackers to run code on a user's PC.

A senior security researcher at PivX solutions, a security vulnerability assessment vendor, said on Wednesday that more vulnerabilities related to Windows XP SP2 still need to be disclosed. Since the launch of Windows XP SP2, rahomm has been searching for Windows XP SP2 vulnerabilities and has reported several issues to Microsoft, but he has not elaborated on the details. He said that in the next few weeks, we will certainly see a critical vulnerability in Windows XP SP2, and in the next few months, the worm will be able to prevent Windows XP SP2 from being detected and killed. Rahomm has discovered dozens of vulnerabilities in the Windows XP operating system and IE browser over the past few years, and maintains a web page that shows vulnerabilities that have not been fixed in IE.

Microsoft did not argue whether it had received a report about a new vulnerability in Windows XP SP2, but said that the company's researchers have been studying the question raised by Heise, and has achieved the expected results. According to a representative of Microsoft, the company's security response center is investigating and researching these reports. This function is used to prevent users from executing unknown files. At present, we have not found that hackers can bypass this function by email or browser.

Security researchers also pointed out that Microsoft's security technology integrated in Windows XP SP2 has not solved some well-known problems. Although the firewall feature has been improved, it can still bypass any software running on a local machine, according to mark mcfret, Chief Officer of the security software vendor eEye digital security company responsible for hacker affairs, this is also a problem with most personal firewalls. These vulnerability reports may allow enterprises to make further decisions on installing Windows XP SP2. Many enterprises have already said that they will not install Windows XP SP2 before a full test.

By changing the operating system code and configuration, Windows XP SP2 aims to improve the security performance of Windows XP operating systems when processing network data, Software Memory, browsing activities, and emails. In addition to automatic software upgrades, Microsoft will allow information technology managers to download software from an enterprise for upgrading their machines. As for Windows XP operating system vulnerabilities, mcfret said that the upgrade aims to add more new protection functions and better configuration, this improves the security performance of Windows XP, rather than discovering all security vulnerabilities. Microsoft has never promised that SP2 can shut down all vulnerabilities in Windows XP, he said.