Microsoft representatives say that the fault poses an unprecedented risk because a user is vulnerable as soon as they connect to the Internet — no other action is required. The company has recommended that all users running UPnP download and install a new patch immediately.

　　Microsoft touted Windows XP as its most secure operating system3 ever when the software was launched worldwide on 25 October. The company estimates that it has sold over seven million copies of the platform since then. Spokesman Jim Desler said:“We are in the process of notifying our customers. We have mobilized all of our technical account managers worldwide who work with big clients and we have a very broad email list for email notification. ”

　　There are two sides to the UPnP flaw. The first could allow the hacker to break into a Windows system and run any programs or code they choose by sending a specially designed network message. The second might enable the hacker to overload a Windows machine and prevent it from functioning properly. This can be achieved by sending similarly customised network messages repeatedly.

　　The hole was discovered by Riley Hassell of US security company eEye Digital Security. In his advisory, Hassell hints that there may be further problems with the UPnP service. The US government-sponsored computer monitoring service , the Computer Emergency Response Team has also issued an open warning to computer users about the problem.

　　----------------------------------------------------------

　　練習題：

　　Ⅰ. Fin d synon yms for the fo llowing words from the pa ssa ge:

　　1. fault

　　2. work

　　3. a lot of

　　4. suggestion

　　Ⅱ. Question :

　　Who, Jim Desler or Riley Hassell, works for Microsoft?

　　-----------------------------------------------

　　參考答案

　　Ⅰ. 1. glitch / bug / hole / flaw 2. function 3. a broad range of 4 . advisory

　　Ⅱ. Jim Desler.

　　-------------------------------------

　　參考譯文：

　　視窗XP 安全缺陷非常嚴重

　　據 微軟公司安全問題專家介紹, 新王牌操作系統即視窗X P 有軟件缺陷, 該缺陷可使用戶處于空前的危險之中。一些舊版的視窗也可能受到影響。

　　該漏洞在一種叫做“ 通用即插即用”的服務功能上, 它符合視窗XP 的標準。該缺陷可使惡意的黑客完全控制安裝此軟件的計算機。開發“ 通用即插即用”的功能是為了能使計算機控制多種硬件, 包括最新的家用電器。該軟件還可以添置到視窗98 、98 第二版和千禧版上。

　　微軟代表說, 因為不需采取其他行動, 只要該軟件用戶連到因特網上就可能受害, 所以該缺陷造成的危險是空前的。所有使用這種“ 通用即插即用”的用戶應立即下載和安裝一種新的修正軟件。

　　微軟曾揚言視窗XP 是它最安全的操作系統, 自從2001 年10 月25 日在全世界推出該軟件后, 該公司估計已售出700 多萬套。

　　公司發言人吉姆· 德斯勒說:“ 我們正在通知客戶, 我們已經動員了公司遍布全世界為大客戶服務的技術項目經理, 還向大量的郵址發出了電子郵件通知。”

　　“ 通用即插即用”的缺陷有兩個方面。一是黑客如果輸入一種特別編制的網絡信息可強行闖入一種視窗系統, 操縱任何程序和編碼。其二是黑客可以讓裝有視窗的電腦超負荷, 使該機功能失常。用反復輸入類似定制網絡信息的方法就可達此目的。

　　該 缺陷是由美國電眼數字安全公司的賴利· 哈索爾發現的。他在報告中暗示“ 通用即插即用”可能還有更多的問題。

　　美國政府資助的計算機監測部門即計算機應急小組也已發出公開警告, 告誡計算機用戶關注這一問題。