It appears you have not yet registered with our community. To register please click here...

 
Go Back [M] > Madshrimps > WebNews
Windows Firewall flaw may hide open ports Windows Firewall flaw may hide open ports
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read


Windows Firewall flaw may hide open ports
Reply
 
Thread Tools
Old 2nd September 2005, 05:55   #1
[M] Reviewer
 
Sidney's Avatar
 
Join Date: Mar 2004
Posts: 15,739
Sidney Freshly Registered
Default Windows Firewall flaw may hide open ports

A flaw in Windows Firewall may prevent users from seeing all the open network ports on a Windows XP or Windows Server 2003 computer.

The flaw manifests itself in the way the security application handles some entries in the Windows Registry, Microsoft said in a security advisory published Wednesday. The Windows Registry stores PC settings and is a core part of the operating system.

The bug could allow a firewall port to be open without the user being informed through the standard Windows Firewall user interface, according to the Microsoft advisory. The company has released a fix that can be downloaded from Microsoft's Web site and will be part of a future Windows service pack, the company said.

Microsoft said the firewall issue is not a security vulnerability but said the flaw could be used by an attacker who already compromised a system in an attempt to hide exceptions in the firewall.

Previous Next For example, miscreants who have penetrated a computer could create and hide a firewall exception by inserting a malformed Windows Firewall exception entry in the Windows Registry. "An attacker who already compromised the system would create such malformed registry entries with the intent to confuse a user," Microsoft said.

Like other firewall software, Windows Firewall is meant to block incoming traffic to a computer. Users can allow incoming connections by creating exceptions. Windows Firewall displays these exceptions in the firewall UI, which can be reached by going to the Windows Control Panel and selecting Windows Firewall.

PC users can view all firewall exceptions--including those the unpatched Windows Firewall doesn't see--through other tools, Microsoft notes. Typing "netsh firewall show state verbose = ENABLE" at a command prompt will display all active exceptions, the company said in its advisory.

http://news.com.com/Windows+Firewall...l?tag=nefd.top
__________________
lazyman

Opteron 165 (2) @2.85 1.42 vcore AMD Stock HSF + Chill Vent II
Sidney is offline   Reply With Quote
Reply


Similar Threads
Thread Thread Starter Forum Replies Last Post
Microsoft warns of TLS/SSL flaw in Windows jmke WebNews 0 10th February 2010 13:28
175 Windows 7 Tweaks, Tips, and How-To Articles jmke WebNews 2 23rd October 2009 14:00
Microsoft Patch Tuesday: 5 Criticals, 2 Important, 1 Moderate Patch jmke WebNews 0 14th April 2009 18:47
Microsoft Security Bulletin Summary for September 2008 jmke WebNews 0 9th September 2008 19:20
Microsoft Security Bulletin Summary for August 2007 jmke WebNews 0 14th August 2007 22:21
IE flaw puts Windows XP SP2 at risk Sidney WebNews 3 6th February 2007 17:25
Cybercrooks add Windows flaw to arsenal jmke WebNews 0 2nd October 2006 10:08
Microsoft Security Bulletin Summary for June 2006 jmke WebNews 0 14th June 2006 20:51
Windows flaw reaches beyond XP Sidney WebNews 0 19th July 2005 00:05
List of fixes included in Windows XP Service Pack 2 jmke WebNews 1 17th August 2004 15:03

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


All times are GMT +1. The time now is 01:40.


Powered by vBulletin® - Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO