Quantcast
PC World: Technology Advice You Can Trust
Search
Browse by Topic
Subscribe to magazine

Magazine

Subscribe & Get
a Bonus CD

Customer Service

Find a Review
Dads & Grads Gift Guide Audio & Video Business Center Cameras Cell Phones & PDAs Communications Components & Upgrading Desktop PCs DVD & Hard Drives Gaming Hardware & Software HDTV Laptops Macs & iPods Monitors Printers Spyware & Security The PCW Test Center Windows Vista & XP
Resource Centers
Asus Notebook Center
CDW Solution Center
HP Ink Center
Intel Technology Center
Lenovo Laptop Showcase
Try It Free
White Paper Library
Webcast Library
Most Popular Search Terms
Most Popular Products
Most Popular Downloads
Free Newsletters
Receive the latest reviews, how-to's, news, and more.
Weekly Brief
Daily Downloads
Daily Technology News
Go
WiFi Finder
Locate wireless services by a specific address, city, state, country, airport, or zip code.
RSS Feeds
Get our latest content via convenient RSS feeds.
Latest News
Today @ PC World
Become a PCW Member
Join the community and start enjoying the benefits:
  • Get tech advice from thousands of PC World Members
  • Rate and recommend the latest tech products
  • Share your thoughts in blog and article comments
  • Get free excerpts and exclusive discounts on Super Guides
Signing up is free and easy.
Bugs and Fixes
Bugs and Fixes
Contributing Editor Stuart J. Johnston advises you on how to fix the latest problems affecting your operating system, your browser, your other software, and your hardware.
Show article:
Read More About: XPMac OSInternet ExplorerBrowser SecurityNetwork SecurityMozilla

Plug a Windows XP Copy Protection Hole

Plus: Fix Firefox stability problems, and snag Apple's Mac OS X megapatch.

Stuart J. Johnston, PC World

Tuesday, January 01, 2008 8:00 AM PST
Recommend this story?
Yes
No

Microsoft reports "limited" attacks on Windows XP systems via an unexpected path exploiting a security hole in a copy protection program that comes with XP. (Windows Vista is not at risk.)

The program that attackers are leveraging is Macrovision's SafeDisc, optical-disc copy prevention software for Windows applications and games. The flaw is located in a system driver file called secdrv.sys. Microsoft immediately issued a Security Advisory.

Macrovision released a patch; at press time Microsoft was still testing the patch and was not yet distributing it via its automatic updates.

A successful attack could lead to a complete takeover of your PC, but such a success is harder to pull off than with most garden-variety "critical" bugs. Regardless, grabbing the patch is a good idea: You never know when some unscrupulous hacker will tweak the exploit code to make it far more dangerous.

Get a Handle on URI Bug

Microsoft finally produced the long-awaited patch for the "URI Handler" bug that I wrote about last month. If you are running Internet Explorer 7 on Windows XP, you're vulnerable and you need the patch. If you are running IE 7 on Windows Vista, though, you're safe.

Attacks "in the wild" based on this flaw have already occurred. This assault, however, requires interaction with third-party programs such as the Mozilla Firefox browser or Adobe Acrobat to work. Luckily, those software makers patched their products quickly, while everyone waited for a more complete fix from Microsoft. If you have automatic updates enabled on your Windows XP system, you should have the patch by now. Otherwise, be sure to get your hands on the patch.


Next page: Keep Up With Firefox Versions
Recommend this story?
Yes
No
Related Searches: windows xp copy protection uri handler firefox mac os x

Comments
Related Content
Recent Columns
Archives
View columns from:

Today's Special Offers

Name City
Address 1 State Zip
Address 2 E-mail (optional)