August 24, 2005 - (HOSTSEARCH.COM) - Microsoft issued a security bulletin today to clarify a potential risk for Windows XP users with Simple File Sharing and ForceGuest. When you enable Simple File Sharing, the Guest account is also enabled and given permission to access the system through the network. Because the Guest account is a valid account when it is enabled, and is given permission to access the system through the network, an attacker could use the Guest account as if they had a valid user account.
While there is no known attack that currently takes advantage of the security flaw and users of XP who have applied the update for Security Bulletin MS05-039 are also protected the chances of a virus attacking this flaw are high.
For more information on this security flaw see the
Microsoft security update.
