# [OT] Attention all Win XP users!



## Psionicist (Sep 15, 2002)

http://grc.com/xpdite/xpdite.htm



> Without XPdite, or XP's Service Pack 1,
> clicking on a simple, but malicious, URL can
> delete the entire contents of your directories.
> This FREE 30 kbyte "XPdite" utility protects your Windows
> XP system until you are able to install Service Pack 1.




Download and install SP1 NOW. Before you do it, run the above 30kb program. This time MS screwed up BADLY!


----------



## Tsyr (Sep 15, 2002)

You know, more and more, my decision to stick with 2K is seeming wiser and wiser...


----------



## Thanee (Sep 15, 2002)

Well, I have SP1 installed, so I guess I'm safe from this whatever-it-might-be bug...

Do you happen to know what kind of malicious URL they are speaking of there?

BTW, nice sig, Psi! 

Bye
Thanee


----------



## Zappo (Sep 15, 2002)

Ahem... notice that if you install SP1, you'll have to agree to the new Microsoft EULA which states, among other things, that you agree to let Microsoft remotely install new software on your machine without warning, which may interfere or block the functioning of other software without them being accountable.

Not counting that, if you're using a pirated WinXP with one of a few leaked activation keys (not that anyone here uses stolen software, right?), chances are that your installation will be deactivated.


----------



## Zappo (Sep 15, 2002)

Thanee said:
			
		

> *Do you happen to know what kind of malicious URL they are speaking of there?*



hcp://system/DFS/uplddrvinfo.htm?file://c:\test\*

I'm not making it clickable for fear that someone will actually click it. Anyway, inserting that into Internet Explorer from a WinXP pre-SP1 computer will delete the content of c:\test.


----------



## Thanee (Sep 15, 2002)

Thanks!

Bye
Thanee


----------



## thundershot (Sep 15, 2002)

Oddly enough, I started downloading SP1 last night (30 megs is a lot for a 56k modem) and I left it on all night... naturally, I got booted in the middle of it, but it just continued where it left off...


Chris


----------



## Thanee (Sep 15, 2002)

Gotta love those download managers, eh? 

Bye
Thanee


----------



## MeepoTheMighty (Sep 15, 2002)

Zappo said:
			
		

> *
> Not counting that, if you're using a pirated WinXP with one of a few leaked activation keys (not that anyone here uses stolen software, right?), chances are that your installation will be deactivated. *




*shrugs* There are keygens out now, as well as programs to retroactively change your cd key.  Not that anyone here uses stolen software, but if they did, they could probably figure out a workaround.


----------



## Psionicist (Sep 15, 2002)

Yeah. You can technically include this line in a simple email-message and destroy things for someone:

< iframe src="hcp://system/DFS/uplddrvinfo.htm?file://c:\test\*" >

or perhaps

< script language="javascript" src="hcp://system/DFS/uplddrvinfo.htm?file://c:\test\*" >

Or a simple meta redirect tag.

In short, if you use WinXP (unpatched), and read email and view webpages, you are in great danger.

Edit: One should try this to get rid of the problem:
hcp://system/DFS/uplddrvinfo.htm?hcp://system/DFS/uplddrvinfo.htm

haha just kidding


----------



## Grazzt (Sep 15, 2002)

MeepoTheMighty said:
			
		

> *
> 
> *shrugs* There are keygens out now, as well as programs to retroactively change your cd key.  Not that anyone here uses stolen software, but if they did, they could probably figure out a workaround.  *




Besides, Microsoft publically stated that they only blocked two known pirated keys. The infamous "Dell" key and one other. It was in their press release regarding SP1.


----------



## Grazzt (Sep 15, 2002)

Zappo said:
			
		

> *Ahem... notice that if you install SP1, you'll have to agree to the new Microsoft EULA which states, among other things, that you agree to let Microsoft remotely install new software on your machine without warning, which may interfere or block the functioning of other software without them being accountable.
> *




Make sure Windows Update is turned off and doesn't automatically update by itself. Install a hardware or software firewall. And don't use the included XP firewall. It isnt really all that good.


----------



## LcKedovan (Sep 15, 2002)

Grazzt said:
			
		

> *
> 
> Make sure Windows Update is turned off and doesn't automatically update by itself. Install a hardware or software firewall. And don't use the included XP firewall. It isnt really all that good. *




True but the included one is better than the nothing that most people use .

It is best to have auto update prompt you, but auto update is highly recommended since you are basically patching potential critical problems.

-Will


----------



## maddman75 (Sep 15, 2002)

> You know, more and more, my decision to stick with 2K is seeming wiser and wiser...




More and more, my decisiton to switch to Linux is seeming wiser and wiser.  Keep win around for games, use Mozilla for web, mail, and news on the rare occasion I get online under windows.

I do have a buddy that uses XP, thanks for the heads up Psionicist!


----------



## Piratecat (Sep 15, 2002)

Personally, XP is my favorite operating system that I've ever used. I have auto-update turned on, set to have me review and approve any updates before it installs them.  No complaints at all.


----------



## Darkness (Sep 15, 2002)

Tsyr said:
			
		

> *You know, more and more, my decision to stick with 2K is seeming wiser and wiser... *



Seconded.


----------



## Buttercup (Sep 15, 2002)

maddman75 said:
			
		

> *
> 
> More and more, my decisiton to switch to Linux is seeming wiser and wiser.  Keep win around for games, use Mozilla for web, mail, and news on the rare occasion I get online under windows.
> 
> I do have a buddy that uses XP, thanks for the heads up Psionicist! *




The problem with Linux is that not all of us have the knowledge base, nor the time to acquire it, to run a Linux box.  The day that Linux truly becomes a turnkey operating system is the day we switch.


----------



## Zappo (Sep 15, 2002)

I soooo agree with Buttercup. I _could_ get a computer to run Linux, barely. But setting up network, modems, or even sound, that's beyond me. I don't even want to think about a RAID configuration. I'm sure I could learn those things in a few days, but I don't have those few days. And there are millions of people who _couldn't_ learn it in a few days.

Really, the best thing that could happen to IT right now is a Linux distro that can detect and install stuff as well as any Windows does. Unfortunately, Linux does everything better than Windows, save installing itself - which is exactly the most important thing for mainstream.


----------



## Psionicist (Sep 15, 2002)

Zappo said:
			
		

> *I soooo agree with Buttercup. I could get a computer to run Linux, barely. But setting up network, modems, or even sound, that's beyond me. I don't even want to think about a RAID configuration. I'm sure I could learn those things in a few days, but I don't have those few days. And there are millions of people who couldn't learn it in a few days.
> 
> Really, the best thing that could happen to IT right now is a Linux distro that can detect and install stuff as well as any Windows does. Unfortunately, Linux does everything better than Windows, save installing itself - which is exactly the most important thing for mainstream. *




Hehe the MS Windows installation is da*n scary if you look at the nice GUI when you install newer versions of RedHat and Mandrake. High resolution, LOTS of colors, mouse support from the start and so on. As userfriendly it can ever be


----------



## Jarval (Sep 16, 2002)

Piratecat said:
			
		

> *Personally, XP is my favorite operating system that I've ever used. I have auto-update turned on, set to have me review and approve any updates before it installs them.  No complaints at all. *




I agree.  There's a lot to be said in favor of XP, although this is a bit major in terms of security breaches.

Going even further OT, how do you all rate Zone Alarm as a firewall?


----------



## Psionicist (Sep 16, 2002)

Jarval said:
			
		

> *
> 
> I agree.  There's a lot to be said in favor of XP, although this is a bit major in terms of security breaches.
> 
> Going even further OT, how do you all rate Zone Alarm as a firewall? *




Zone Alarm is a pretty decent fire wall for personal use.

You can see for yourself if your firewall is good enought: http://grc.com/lt/leaktest.htm

You can also try this: https://grc.com/x/ne.dll?bh0bkyd2 , Gibsons server will try to connect to your computer then it will display information about your security. Very useful.


----------



## Jarval (Sep 17, 2002)

Thanks for the links Psionicist.  Turns out that Zone Alarm works rather well


----------



## Chun-tzu (Sep 17, 2002)

Just thought I'd put in a good word for AtGuard. which is the firewall that I use. As far as I can tell, it's worked great these past few years, and what's even better than security (for me) is that it blocks the vast majority of Internet ad banners (just a blank space on instead) and those annoying pop-up ads. It also passed Leaktest.


----------



## hong (Sep 17, 2002)

Silly question time: does WinXP SP1 also include Internet Explorer 6 SP1?


----------



## Ziggy (Sep 18, 2002)

hong said:
			
		

> *Silly question time: does WinXP SP1 also include Internet Explorer 6 SP1? *




Windows update showed them as different updates, so I guess not.

.Ziggy


----------

