February 1, 2005 (HOSTSEARCH.COM) A Russian firm, Positive Technologies, just announced 2 security flaws in Microsoft XP SP2. In a research paper written by Alexander Anisimov of Positive Tech he claims that the 2 security measures can be bypassed so that code can be run on a users computer without their compliance.
eWeek reported earlier that a Microsoft spokesperson is claiming that the security breach is not a threat, cannot be used to execute code and there is no danger to users. Also, that Microsoft is working to fix the problem as quickly as they can.
Positive Technologies research paper can be accessed here:
http://www.maxpatrol.com/defeating-xpsp2-heap-protection.htm