The Mac Observer

Skip navigational links

You're viewing an article in TMO's historic archive vault. Here, we've preserved the comments and how the site looked along with the article. Use this link to view the article on our current site:
Unpatched Windows XP with SP1 Hacked in 6 Minutes

Unpatched Windows XP with SP1 Hacked in 6 Minutes

by , 1:50 PM EST, November 13th, 2007

A Windows XP system with Service Pack 1 installed, but with no subsequent patches applied, was hacked in six minutes by a security expert in London, according to C|Net on Tuesday. A Microsoft executive who watched the demonstration found himself both enlightened and fightened.

The Windows computer was not running a firewall or other anti-virus or anti-spyware software. The challenge was to connect, on a local network, and retrieve a text file of passwords. The attack was successful in six minutes and the password file downloaded in 11 minutes.

"If you were in (a cafe with Wi-Fi access), your coffee wouldn't even have cooled down yet," said Sharon Lemon, deputy director of SOCA's e-crime unit at the event sponsored by the UK's Get Safe Online. SOCA is the Serious Organized Crime Agency, a UK government intelligence group.

Another SOCA representative pointed out that the demonstration was "purely to point out that, if a system hasn't had patches, it's a relatively simple matter to hack into it." It's sensible, he added, to have SP2 applied, with all the current patches applied, and be running on a secure wireless network.

"In the demonstration we saw, it was both enlightening and frightening to witness the seeming ease of the attack on the (Windows) computer," said Nick McGrath, head of platform strategy for Microsoft. "But the computer was new, not updated, and not patched."

He also siad that Vista is not as "accessible to the average hacker" due to "operating system components."

TMO notes that there are likely many XP computers (and Macs) out there that users have failed to update because they haven't understood the importance or haven't gotten around to it. This demonstration is lesson for all Windows and Mac users; when the vendor publishes a patch, install it.

Recent TMO Headlines - Updated January 27th

Thu, 4:43 PM
Apple Posts Another $100 Billion Plus Quarter
Thu, 3:30 PM
'Fraggle Rock: Back to the Rock' Guest Stars Ed Helms, Cynthia Erivo, Daveed Diggs Play Frictionary
Thu, 3:18 PM
Apple Releases iOS 15.4 Beta, and Now Anyone Can Use Face ID With a Mask
Thu, 3:12 PM
Apple Patent Suggest Biometrics Could Come to AirPods
Thu, 2:03 PM
iPad First Launched 27 Janauary 27, 2010 - 12 Year's Old Today
Thu, 1:24 PM
Thursdays with Bob: Secret iPhone Features – TMO Daily Observations 2022-01-27
Thu, 1:20 PM
'OSX.DazzleSpy' is a Fully-Featured macOS Implant for Espionage
Thu, 1:16 PM
Smart iPhone Tricks
Thu, 1:00 PM
Facebook Rolls Out End-to-End Encrypted Chats for Everyone
Thu, 12:50 PM
Researchers Create First Silk-Based Physical Unclonable Function
Thu, 12:35 PM
PSA: Neil Young Still on Apple Music, Amidst Joe Rogan Spotify Row
Thu, 11:48 AM
An NFT on OpenSea Can Steal Your IP Address
  • __________
  • Buy Stuff, Support TMO!
  • Podcast: Mac Geek Gab
  • Podcast: Daily Observations
  • TMO on Twitter!