Sign in / up

back to article MS probes bug that turns PCs into 'public file servers'

Microsoft has begun investigating a flaw in IE that most affects older versions of Windows, and turns vulnerable systems into a "public file server". The vulnerability means that hackers might be able to access files with an already known filename and location, providing they can trick users into visiting a maliciously …

COMMENTS

House rules Send corrections
This topic is closed for new posts.
  1. Anonymous Coward
    FAIL

    'nuf said

    ANOTHER vulnerability in Windows/IE. You couldn't make it up!!!!

    4 1
  2. adam payne
    Joke

    lol

    I always wanted my own file server but not in this way.

    0 0
  3. Robert Carnegie Silver badge

    So, move contents of My Documents to...

    ...a sub folder named asdf.asdf.qwerty123 ?

    0 0
    1. Bilgepipe
      Reply Icon

      asdf.asdf.qwerty123

      Now the whole internet knows where you keep your documents.

      4 0
    2. Chris Dupont
      Reply Icon
      Coat

      That's good to know.

      Cheers!

      0 0
  4. Anonymous Coward
    Anonymous Coward

    Solution to the problem

    Here is a linux disk, insert it and reboot.

    2 0
    1. Anonymous Coward
      Reply Icon
      Unhappy

      Yeah right

      If only if were that easy...

      0 0
    2. Trevor Pott o_O Gold badge
      Reply Icon

      @AC 15:49

      OH SHI-

      WINE won't run my critical line-of-business and industry specific applications, and there are no credible linux-ported alternatives that have passed even first round testing!

      *RDP's back into his XP VM*

      Ah there we go...now I can get back to making money.

      1 1
  5. Anonymous Coward
    FAIL

    "information disclosure" bug...

    ..is one way of describing it and of course being able to get key files from the directory structure (which being Windows will, in 99.9% of cases be c:\windows) isn't really a problem is it?

    I mean being able to run off with things like the remembered form values and passwords from IE isn't really an issue is it......

    How many people will have stored important info in files called passwords.txt or passwords.doc in their home directory.

    0 0
  6. nobby
    Black Helicopters

    isnt it strange

    how many exploits that only affect Win XP have come out since Win 7 was launched?

    5 0
  7. Nebulo
    Happy

    But, ossifer,

    ... those porn flicks and warez must mean somebody's cracked my Windows peecee ... not mine ... onnist ...

    0 0
  8. I_am_Chris
    Black Helicopters

    This is perfect for MS

    Finally, a reason for the XP holdouts to upgrade to Win7.

    Has anyone found out exactly the source of this vulnerability or was the black-hat tipped off (by MS)?

    4 0
  9. Bill Neal
    Coat

    Safety in openness

    obviously one more reason to use Firefox.

    1 0
  10. Mage Silver badge
    Flame

    As with most

    A real HW firewall/NAT router will protect you.

    0 0
  11. John Sanders
    Alert

    Is it only me...

    Or Windows XP is suddenly a pile load of insecure old trash...

    Oh wait Windows 7 is the most secure windows ever...

    Silly me.

    0 0
  12. Martin Edwards
    Stop

    Terminology

    The description of this situation does not tally with any common definition of a public file server. There's no excuse for such misinformation and hype.

    0 0
  13. Mark Allen

    Docs safe, applications less so?

    If the exact filename and path is needed, this should mean your Documents are safe as the hacker will need to know your username to locate C:\Docs n Settings\Username\My Documents\passwords.txt

    BUT... this surely means it is trivial to locate programs in the Windows folder. Like the registry files in c:\windows\system32\config\.

    Is this also the same bug where the executables are usable? Did I read the demonstration ran c:\windows\calc.exe? As that would be a pain as C:\windows\regedit.exe is in the same place on everyone's windows PC.

    Ah... of course... it is just a ploy to get everyone to upgrade from XP to Win7.

    0 0
  14. Anonymous Coward
    Coffee/keyboard

    OK

    Time to dig out those Win3.11 disks and use IE3.

    Disadvantages - no flash (boo hoo, like I ever use it)

    Advantages: No-one writing viruses for it any more so I'm unlikely to have my machine compromised.

    0 0
    1. Anonymous Coward
      Reply Icon
      Coat

      Tried it...no go

      You may laugh, but I already tried that already (MS Virtual PC), and apart from dire colour resolution, there's no 16 bit browser available that can handle any of the current web technologies. The 'old' browsers either hang or can't render code properly. With a higher colour resolution and a capable browser 3.11 would be a great portable web OS

      0 0
This topic is closed for new posts.

Other stories you might like