According to a Microsoft executive

Nov 13, 2007 18:05 GMT

Six minutes... that is all it took to hack Windows XP and completely take over the operating system. Nick McGrath, Director of Platform Strategy at Microsoft U.K., who witnessed the XP hack first hand, described the effortless attack and compromise of the platform as "enlightening and frightening." The hack was performed by two security experts working with the Serious Organized Crime Agency, the U.K. government intelligence group. The starting point of the hacking event, sponsored by Get Safe Online, was a copy of Windows XP Service Pack 1 and an unsecured wireless network, the kind so often encountered in households everywhere.

Now, in all fairness, it was a copy of Windows XP SP1 with no additional patches deployed and with absolutely no security solutions installed. In this context, the stripped-down XP SP1 proved nothing short of an excellent target for the hack. Initially, the SOCA experts used an open-source tool, available for download in the wild, designed to sniff out possible avenues of attack on the target computer. After they identified the IP address of the test machine connected to the wireless network, the system was scanned for vulnerabilities. A second tool revealed the security holes in the target computer and served to build an exploit, attack and own the XP SP1 PC. The entire process from start to finish took just six minutes.

"In the demonstration we saw, it was both enlightening and frightening to witness the seeming ease of the attack on the Windows computer. But the computer was new, not updated, and not patched," McGrath revealed, as cited by ZDNet.co.uk. According to the SOCA experts, moving to Windows XP SP2 with the latest patches installed reduces the possibility of exploits of this kind. At the same time, the evolution in security brought by Windows Vista, especially in scenarios involving wireless networks, recommends the latest operating system from Microsoft as a better choice.