Huge & Extremely Serious Security Hole in Windows XP: Please read & update immediately!

RideFree · Sep 10, 2002

ETAL,

anyone know where else this can be d/l from? 9K/sec here too, i need to install this on quite a few systems so i need the network install

Yes, this is a problem...I just dedicated a portion of the bandwidth and let 'er rip!

I think the 140MB D/L took between 3 or 4 hours about 7 or 8am - done before noon. Shucks, I even went out for breakfast.

jonnashville · Sep 10, 2002

According to Leo Laporte, Microsloth is telling NO ONE which update segment included in the service pack is the one that fixes the problem. In fact, most security experts did not dare break the story. Laporte was the first, as far as I know.

The major news media have not yet picked up on this, but you can bet the hackers have.

RideFree · Sep 10, 2002

If you are bandwidth challenged, just order the Windows XP SP1 CD from the CD order page. You will be charged a fee of $9.95 (USD) or $14.95 (CDN) including shipping and handling charges. Not a bad deal.

Bill says, "Order Me!"

genius99 · Sep 10, 2002

Originally posted by: c627627
Thank you jonnashville for this post.

BTW if anyone's using a blacklisted Windows CD Key, (keys that start with F or D are thought to be blacklisted), will deactivate Windows XP on their computer by installing Windows XP Service Pack 1. So, heads up, make sure you check your CD Key before installing Service Pack 1, a-right?

c627627, how do you know that Windows XP will be deactivated if a blacklisted cd key is being used?

Johnbear007 · Sep 10, 2002

this file does not even exist on my system

cruzer · Sep 10, 2002

Fast link for Service Pack 1:

SP1

deeznuts · Sep 10, 2002

c627627, how do you know that Windows XP will be deactivated if a blacklisted cd key is being used?

that's been floating the web over the last few months.

Sparty · Sep 10, 2002

If you are bandwidth challenged, just order the Windows XP SP1 CD from the CD order page. You will be charged a fee of $9.95 (USD) or $14.95 (CDN) including shipping and handling charges. Not a bad deal.

Would it be possible to copy this cd and sent it out to others??? Come on $9.95 for a cd to fix a problem they created!?! BS

Edit: Better yet, could someone with broadband burn a copy and send it out for the cost of shipping??

c627627 · Sep 10, 2002

Microsoft has known for months(!) about this flaw and now that Service Pack 1 is out they let the word out about it.

It's amusing to read "Microsoft has... inexplicably, done nothing before now..." Let me tell you something, there's nothing inexplicable about it, because guess what, everyone and their cousin will now install Service Pack 1 which nicely updates quite a few things and -- hunts down and kills that pirated CD Key that starts with FCKGW... and maybe others which start with D...

Inquirer (http://www.theinquirer.net/) reported about certain XPProCorp-KeyChanger.exe files out there without which anyone who has that pirated CD key will be dead in the water after installing Service Pack 1.

genius99 · Sep 10, 2002

Originally posted by: deeznuts

c627627, how do you know that Windows XP will be deactivated if a blacklisted cd key is being used?

Click to expand...

that's been floating the web over the last few months.

Does anybody know if this is actually true? or is it just a rumor?

c627627 · Sep 10, 2002

'specially for genius99

genius99 · Sep 10, 2002

Originally posted by: c627627
'specially for genius99

THANK YOU c627627

MaroonGuru · Sep 10, 2002

I found a list of Mirrors on a page that has a good discussion of the SP1 and the key code problem, with solutions. 'nuff said.

On TweakTown.com
TweakTown Article

Mirrors:

Am getting 175KB/S from Mirror #1 right now.
Mirror 1

Mirror #2 is bad, don't use, I am leaving it here it case it comes back.
Mirror 2

Only getting 9KB/S from #3
<a target=new class=ftalternatingbarlinklarge href="http://
http://download.microsoft.com/download/whistler/SP/SP1/WXP/en-us/xpsp1_en_x86.exe">Mirror 3</a>

This link is flaky, worked, then didn't.
Mirror 4

I'm not too worried about my keycode. Microsoft placed XP in my hands themselves. A very nice version at that. (In testing with it, I could both upgrade a system or do clean install. I finally settled on a clean install and registered it.)

RideFree · Sep 10, 2002

It's amusing to read "Microsoft has... inexplicably, done nothing before now..." Let me tell you something, there's nothing inexplicable about it, because guess what, everyone and their cousin will now install Service Pack 1 which nicely updates quite a few things and -- hunts down and kills that pirated CD Key that starts with FCKGW... and maybe others which start with D...

I'll bet this is dead-on!

I'll also bet there are many that wish they had availed themselves of the $39 deal that M$ has offered at least 3 times now, TIKO.

thinlizzie · Sep 10, 2002

Yeah that $39 deal is great if your a partner or a reseller. Too bad most of us aren't. Tough to rub my nose in crap that can't be had. :/

c627627 · Sep 10, 2002

Yeah I know, ridefree is like that guy who posted a hot deal and it was like "and than you get your buddy who works at the place to give you an employee discount..."

... us kids can't get Windows XP Pro for $39 ridefree, it's $299 or a little less, more than any hardware component in our systems -- you know that.

RideFree · Sep 11, 2002

rub my nose in crap

Lighten-up! It's not my fault that you didn't get any one of the dozens of clues dropped on-line as to how to get the job done.
Besides that, It's in one of the current forms, so go do it (I think it was still current yesterday).

Pardus · Sep 11, 2002

This so called security hole is another way for microsoft to force people to install sp1 sooner than later. I did a seach for this .htm file on serveral pc's, nothing was found. My guess its a publicity event put out by microsoft to sell more copies of xp.

I'm not installing sp1 until i hear that it works, microsoft's so-called patches tend to do more harm than good.

RideFree · Sep 11, 2002

"uplddrvinfo.htm" was in every PC on this network and subsequently were re-named.
Although I did the 140MB D/L earlier today, it has not been installed on any system as yet.
I agree with ActiveX that this action on the part of M$ will sell more copies of XP. It may be that it was designed that way (at least that's what my last post was meant to say). We may never know the truth of the matter.
As it stands, it looks like pure marketing genius on the part of M$.
We have all become "hooked" on XP and now there is the price of addiction.

rival · Sep 11, 2002

found the file, deleted it, am i safe now? well until next week when another huge exploit in xp is found

chuckyH · Sep 11, 2002

So far it hasn't disabled a "test" pc due to invalid key just popped up one nag screen to contact the system vendor if I'm in doubt of legitimate key well just wait and see.

chuckyH · Sep 11, 2002

Search for sp1 on tweak town for a good article on problems with pirated software

kissdisap · Sep 11, 2002

Originally posted by: cruzer
Fast link for Service Pack 1:

SP1

Thanks for the link! Downloading at 135KB/sec....

l31itz · Sep 11, 2002

awesome post... thanks for the heads up

NewSc2 · Sep 11, 2002

Leo Laporte of The Screen Savers demonstrated how this could wipe out entire directories.

hey wait, so is Leo Laporte the same LeoLaporte in warcraft 3? (top 25 or something like that in ladder in US West or East)

Huge & Extremely Serious Security Hole in Windows XP: Please read & update immediately!

Diamond Member

Senior member

Diamond Member

Member

Diamond Member

Senior member

Senior member

Senior member

Golden Member

Member

Golden Member

Member

Member

Diamond Member

Senior member

Golden Member

Diamond Member

Diamond Member

Diamond Member

Diamond Member

Senior member

Senior member

Member

Senior member

Diamond Member