Homepage tabWindows tabGames tabDrivers tabMac tabLinux tabScripts buttonMobile tabHandheld tabGadgets tabNews tab


NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
Home / News / Microsoft / Patches and Vulnerabilities

Patches and Vulnerabilities

The First XP SP3 Security Vulnerability

Fixed before the service pack was released

By Marius Oiaga, Technology News Editor

14th of April 2008, 15:13 GMT

Adjust text size:


Windows XP
Enlarge picture
The third and final service pack for Windows XP is not even out, and Microsoft is already hammering away at it plugging security soles. Although it debuted in full development alongside Windows Vista SP1, Windows XP Service Pack 3 is yet to be finalized with the delivery planned by mid-2008. Since the end of March 2008, Microsoft managed to sweep XP SP3 under the rug, but until the past month, the service pack was very much still
a work in progress.

Case in point the first security vulnerability affecting XP SP3, fixed even before the service pack was finalized. Sometime between late February and the end of March, the Redmond company solved an issue in the Windows graphics device interface. When it released Microsoft Security Bulletin MS08-021 labeled with a maximum severity rating of Critical, Microsoft stated that despite the fact that all Widows operating system, either on the server or on the client's side were affected, XP SP3 was not.

The reason for this, spotted by ComputerWorld over on the Microsoft Forum is the fact that update 948590 had already been integrated into XP SP3 when the company released Release Candidate 2 Build 5508. Microsoft's Shashank Bansal, answering to an user report of failed integration of KB948590 with XP SP3, revealed that the "issue happens with 3311 build of XP SP3. RC2 Refresh build 5508 does not encounter this issue. It happens because KB948590 stops installation of SP3 version of gdi32.dll on the system due to file version differences."

The security bulletin designed to patch the GDI vulnerabilities affected a wide array of Windows operating systems including Vista SP1 and Windows Server 2008. Also XP SP3 RC2 Build 3311 seems to have been vulnerable, but the issue was solved with the release of XP SP3 RC2 Refresh Build 5508. "The KB mentioned was released post 3311. As 3311 build carried updated released till the date it went public, the new KB was not included. The KB carried a version of gdi32 higher than 3311 (as it was released later). This caused the difference," Bansal added.

Windows XP Service Pack 3 Release Candidate 2 Refresh can be downloaded from here.

TAGS:

 Windows XP SP3 | RC2 | Refresh | Build 3311 | Build 5508
Read by 2,210 user(s) | Add comment | Link to this article TWEET THIS


Article rating:
Good (4.0/5) 7 vote(s)    

Subscribe to news | Print article | Send to friend

© Copyright 2001-2009 Softpedia
Contact:

 

 

SEARCH THE NEWS ARCHIVE :




Today's News | Yesterday's News | News Archive


MORE RELATED ARTICLES:


The Evolving DirectX 10.1 in Vista SP1 RTM Plus 10.1 Capable Hardware

The Only Way for Windows XP SP3 Is Down

Updated Automated Installation Kit for Vista SP1 Available, XP SP3 Ignored

Windows XP SP3 Build 5573 - XP SP3 RC2 Refresh Goes Back in Time

From XP SP3 to Vista RTM/SP1 - All Pirated, Yet Microsoft Claims Anti-Piracy Progress

XP SP3 RC2 Refresh Leaves Vista SP1 RTM in the Dust

Onward to Beta 2 - The Second Wave of IE8 Beta 1 Downloads Is Here

Windows XP SP3 Gets Its First Taste of Vulnerabilities

Microsoft Got Windows on ASUS Eee PC, but not XP SP3 or Vista SP1

2009 - 2010 - Windows 7 from Milestone Builds to the Beta and Final Versions

User opinions:

No user comments yet.
Be the first to express your opinion using the form below!

Share your opinion:

Your Name:
Your Email Address:
(will not be used for commercial purposes)
Solve this to prove you're not a bot: =
Your review/opinion:

 




Windows tabGames tabDrivers tabMac tabLinux tabScripts tabMobile tabHandheld tabGadgets tabNews tab

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   ENTER NEWS SITE   |   ENGLISH BOARD   |   ROMANIAN FORUM
© 2001 - 2009 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use | Update your software | Archive