Windows XP SP2 Security Center Spoof

This is almost sad. According to PC Magazine, the new Microsoft “security” features can in fact be spoofed thanks to a big oops and a little know how. This kills me, I thought this was supposed to keep us secure? To me, having it this easy to spoof information on your security settings like that is inexcusable. I don’t even know what else to say other than rolling my eyes and muttering, “here we go again”.

Windows XP Service Pack 2 promises to raise the security bar for the sometimes beleaguered operating system. Unfortunately, one of the new features could be spoofed so that it reports misleading information about system security, or worse, lets a malicious program watch for an opportunity to do damage without being detected. The feature is the Windows Security Center (WSC), which displays the status ( (Figure 1) )of the key elements of your defenses: Firewall, Updates, and Antivirus. If your firewall has been disabled, or your antivirus is out of date, that news will display here. The information is stored in an internal database managed by the Windows Management Instrumentation (WMI) subsystem built into Windows