Windows XP Service Pack 2 has a flaw that gives users a false sense of security – quite literally. One report describes the security hole as a ‘crater’. The vulnerability lies in the web systems management interface (WBEM), which allows downloadable code to spoof firewall status information.
Link: theregister.co.uk