FYI>>>>>

-----Original Message-----
From: [log in to unmask]
[mailto:[log in to unmask]] On Behalf Of
[log in to unmask]
Sent: Wednesday, September 11, 2002 9:08 AM
To: [log in to unmask]
Subject: [infosec] Windows XP Security Hole - File Deletion


All,

Many may already be aware of the large hole in WIndows XP that SP1
fixes, but wanted to throw this out anyway.

There is a large Security hole in Windows XP that is currently not well
documented.  Microsoft's web site appears to makes no mention of it and
very few Internet Security Sites are talking about it.

This hole could allow anyone to delete files on your local machine by
using a Malicious E-mail, web site link, or new virus.  I have tested
the vulnerability and it is very destructive and very easy to duplicate.

The Fix is to install Windows XP SP1 or for those not ready to take the
leap into SP1 quite yet rename the following file

C:\windows\pchealth\helpctr\system\dfs\uplddrvinfo.htm


Randy Hannett, MCSE CCNA
Network Security Analyst
SymQuest Group, Inc.
(802) 658-9867 ext 9204
[log in to unmask]