A Moscow-based computer security firm has announced that there’s a way to defeat a major security measure in Windows XP Service Pack 2.

Far too many XP2 installation horror stories exist to mention here. Gun-shy after years of blowing up Windows systems, I held off until last week to install SP2 on one of my machines, a self-built AMD Athlon64-based system. Amazingly, the installation went flawlessly, and everything still works in the face of many reports that would have indicated a less-than-easy upgrade, including this one, for example, from Microsoft itself. Bill Gates said this past August when rolling out the now infamous update, “Service Pack 2 is a significant step in delivering on our goal to help customers make their PCs better isolated and more resilient in the face of increasingly sophisticated attacks.” An SP2 security measure called Data Execution Prevention (sometimes called Data Execution Protection) is designed to help prevent the execution of malicious code. A Moscow firm, Positive Technologies, has announced that it is possible to defeat Data Execution Prevention. Anyone running XP—from engineers to IT managers—should be aware of such things and also keep those security updates rolling in.