You are here: ZDNet UK > Reviews > Software > Operating systems

Desktop platforms Toolkit

Windows XP: bugs

Jim Aspinwall ZDNet US and ZDNet.co.uk

Published: 24 May 2002

Microsoft would have us believe that XP is the most secure operating system it has released to date. But the nine security updates the company has released since XP's launch belie that claim.

In fact, one problem -- buffer overrun vulnerabilities in Internet Explorer and Universal Plug and Play (UPnP) -- poses such a severe threat that the FBI got involved. Microsoft says that a hole in the Plug and Play software could conceivably allow a malicious hacker to take complete control of your PC. Worse, the security hole applied to every XP user -- the OS ships with Universal Plug and Play turned on by default. Don't have the patch yet? Get it now at Microsoft's TechNet site. Additional new security patches include a fix for the Microsoft Java Virtual Machine, which, if left unpatched, can let Java applets from Web sites silently reroute all browser traffic to the applet's host without the user's knowledge. Yet another patch fixes an ‘Unchecked buffer in the Multiple UNC Provider’, a problem that allows a hacker to send a malformed data request to a PC to either run programs at will or cause the computer to restart. Click Start > Programs and run Windows Update to access all the available patches.

Windows XP’s built-in firewall is one of its most secure features, although it can interfere with useful services like Windows Update.

So far, the most secure aspect of Windows XP's networking lies in the built-in software firewall. Unfortunately, though, that firewall can prevent some Microsoft online services, particularly Windows Update and even XP Professional's Remote Assistance tool, from working properly. We prefer a third-party product such as ZoneAlarm or Norton Internet Security.

Interestingly, none of XP's security updates have anything to do with the once-feared raw sockets support included in XP's TCP/IP network protocol drivers. Many sceptics believed that XP's raw sockets support posed a security threat because it allows programmers to generate data transmissions from one computer and make them appear to come from a different one -- a technique used in distributed denial-of-service attacks.