Russian security company Positive Technologies has released a patch to a security hole it said it discovered in Microsoft's Windows XP Service Pack 2 last year.
We found two small flaws that a programmer could use to go around the SP2 mechanism Data Execution Protection [DEP]," says Positive Technologies Chief Technology Officer Yury Maximov.

As Microsoft explains on its Web site, DEP is a set of hardware and software technologies that perform additional checks on memory to help prevent malicious code from running on a system. According to Maximov, Positive Technologies informed the Redmond, Washington, software maker on December 22 about a problem with DEP and was told to wait for a response from the company.

"It has been over one month and we have not heard from Microsoft, so we decided to issue our own patch," Maximov says. "We understand that Microsoft wants to protect its product, but we feel it is more important for people to know about the problem and to know there is a tool to protect them."

Maximov adds that it was his understanding that hacker groups were already working on ways to exploit the holes in DEP so as to insert rogue code into a PC's memory.

Representatives from Microsoft could not immediately be reached for comment.
Patch Available

Positive Technologies, in Moscow, has developed a temporary security measure, which it made available last week as a free utility called PTmsHORP, Maximov says.

The security hole cannot be fully eliminated by a separate patch, according to Maximov, and Positive Technologies assumed that Microsoft was not going to publish the problem or issue a security fix before the release of Service Pack 3, he says.

But some analysts question the wisdom of downloading third-party patches. "Personally, I would not advise people installing such patches," says Ovum analyst Graham Titterington. "There is a lot of danger in installing patches from people or companies you're not absolutely sure of. Chances are there wouldn't be a problem, but that is a risk not worth taking."

When other companies make publicly known the security problems within Microsoft products such as SP2, it puts pressure on Microsoft to address the issue, Titterington says, but publishing third-party patches could possibly further the problem.

"I agree that not having heard from Microsoft for a month was slightly undesirable, but the response time for situations like this are usually more like three months," Titterington says.

The PTmsHORP utility is available online here:
http://www.maxpatrol.com/ptmshorp.asp

Has anyone tried the patch out?

Working fine for me.

The idea of a third party driver really really scares me. Granted, I already don't trust Microsoft very much but I can't bring myself to trust third party vendors at all.

That's understandable. If Microsoft authorized it or bought it from the third party I may consider it, but I think that's why I'm not downloading it either.

Speaking of not trusting Microsoft, I heard that they put a code on Norton and mcafee anti virus software so they can see every website you ever went to since your last format. They say it's for tracking purposes, but it's still pretty questionable to me.

Posted by Lord Kahos That's understandable. If Microsoft authorized it or bought it from the third party I may consider it, but I think that's why I'm not downloading it either. Speaking of not trusting Microsoft, I heard that they put a code on Norton and mcafee anti virus software so they can see every website you ever went to since your last format. They say it's for tracking purposes, but it's still pretty questionable to me.

I was apprehensive at first, but after contacting the author a couple of times i'm convinced it's perfectly safe and better to have than not. I don't go carelessly downloading stuff and have only got 1 virus infection ever.

Norton & mcaffee both suck ass. I use AVG, it's the best i've ever used and it's FREE. One of the best things to avoid infection is to not use outlook or outlook express for anyhing.

Care to say why Mcaffee sucks ass?

Posted by Professor Chaos Care to say why Mcaffee sucks ass?

Because Lord Chaos is right about micosuck snooping thru it and norton.

Bingo. I never run anti-virus software on my computer -- the resource hit is obscene. However, I keep a recent copy of AVG (uninstalled, heh) and a definitions .bin on hand... just in case. It tends to get more use on my clients computers, where, often, there have been no updates since Dell or whatever other OEM shipped the computer with XP SP1a (or earlier!), and it's chock-full of virii, spyware, malware, and other nasties.

As a side note, in my 17 years of computer use (that's over three quarters of my life span, BTW...), I've gotten one virus. It happened to be resident on a hard-drive that a friend donated to me, and I didn't bother to format the bastard before using it. A quick look at the executable in a hex editor allowed me to find the author's tag, and some search engine work (pre-google!) after that found me... the author's homepage. This particular Argentinian man was polite enough to include a removal tool with the original .zip distro of the virus. It even had a fucking GUI! I was *very* surprised. Haven't had any virus problems before or since. Malware and Spyware happen, albeit rarely, and given that I use neither Internet Explorer or Outlook Express, it only happens when I allow it; I install something that I *KNOW* is going to install spyware, and remove it with Ad-aware minutes later.