What happened to the Messenger Plus! forums on msghelp.net?
Shoutbox » MsgHelp Archive » Skype & Technology » Tech Talk » Windows Firewall Flaw Hides Open Ports

Windows Firewall Flaw Hides Open Ports
Author: Message:
Hank
Banned


Posts: 3129
Reputation: 5
– / – / Flag
Joined: Nov 2003
Status: Away
O.P. Windows Firewall Flaw Hides Open Ports
quote:
Originally posted by BetaNews


Microsoft earlier this week confirmed a flaw exists in the way the user interface for its Windows Firewall handles bad entries in the Windows Registry, but said the problem was not a security vulnerability.

According to the advisory, an exception could be created that would open a hole in the Windows Firewall, allowing an attacker access to the computer. Administrator privileges are required in order to access the necessary section of the Windows Registry.

The flaw would also mean a user would be unaware of an open port. Microsoft has released a fix for the issue, which is downloadable from its Web site.

Firewall programs like the one included in Windows XP SP2 are intended to block incoming data unless the user specifically allows it. When exceptions are made for various types of incoming traffic, the user interface alerts the user to those open ports.

Microsoft says that it is more likely that attackers who have already compromised a user's system could exploit this flaw rather than the system creating the vulnerability on its own.

The issue affects Windows 2000 and Windows XP, including Service Pack 2.

"Microsoft plans to include an update to address this concern as part of a future service pack on the affected supported platforms," the advisory read.

09-03-2005 11:41 AM
Profile PM Find Quote Report
« Next Oldest Return to Top Next Newest »


Threaded Mode | Linear Mode
View a Printable Version
Send this Thread to a Friend
Subscribe | Add to Favorites
Rate This Thread:

Forum Jump:

Forum Rules:
You cannot post new threads
You cannot post replies
You cannot post attachments
You can edit your posts
HTML is Off
myCode is On
Smilies are On
[img] Code is On