MALWARE

Little Used Service Opens New Vulnerability in XP

Print Version
E-Mail Article
Reprints

By Erika Morphy
TechNewsWorld
Part of the ECT News Network
11/02/06 1:39 PM PT

Compared with past security flaws in Windows, this one is fairly benign. "Microsoft is getting better at recognizing the importance of security and the impact it has on the user experience, as well as the Internet as a whole," said Ron O'Brien, a senior security analyst with Sophos. "It's something they've taken to heart, and it is why I believe they are making such an effort now."


Ready to take your business to the next level? Capital Source Partners helps businesses just like yours. Our expert team of advisors will guide you through the processes of preparing for a M&A, an IPO, and obtaining investment capital to expand your business . Contact us today for a free consultation.

A newly discovered but minor denial-of-service flaw in Windows XP could allow hackers to crash the operating system's firewall. However, the pool of affected computers appears relatively small.

The security vulnerability, which was first reported on Monday, targets the ICS (Internet Connection Sharing) service, a Windows XP feature that lets users share a dial-up or broadband connection with other users on a local area network New HP LaserJet P4014n Printer Starting at $699 after $100 instant savings.. Using ICS has become a rather antiquated method for sharing an Internet connection.

The attacker sends malware Free Trial. Security Software As A Service From Webroot. -- a malformed DNS query, specifically -- to a vulnerable PC, which causes ICS to shut down. In turn, Windows XP Firewall shuts down and this places the computer at risk.

Tyler Reguly of nCircle, which has been tracking the vulnerability, posted a simple test on his blog: "Are you running Windows XP and are you sharing your Internet connection? If the answer is yes to both of those, then you are vulnerable."

There is no virus "in the wild" that is tailored to use this exploit, according to Reguly.

Last Line of Defense

PCs that are protected with outside security software should be fine, even with ICS enabled, Ron O'Brien, a senior security analyst with Sophos Latest News about Sophos, told TechNewsWorld. "Even if the vulnerability is exploited, it can't disable a third-party firewall."

Users who do not have an additional firewall could be vulnerable, Reguly added. "One thing to remember is that the ICS service is tied to the [Windows] firewall service. If ICS dies, so does your firewall."

It is difficult to imagine hackers trying to leverage the exploit, said O'Brien. "You can extrapolate that it is individual users relying on the OS for a firewall. Companies tend to have third-party protection and many layers of security." In other words, a hacker Latest News about hacker is unlikely to bother.

A New Attitude

Compared with past security flaws in Windows, this one is fairly benign. O'Brien and other security analysts, though, have noted a distinct improvement in Microsoft's (Nasdaq: MSFT) Latest News about Microsoft attitude and response time when new vulnerabilities crop up.

"Microsoft is getting better at recognizing the importance of security and the impact it has on the user experience, as well as the Internet as a whole," said O'Brien. "It's something they've taken to heart, and it is why I believe they are making such an effort now."

Social Networking Toolbox:
Talkback: Be the first to comment on this story.

Print Version E-Mail Article Reprints More by Erika Morphy   RSS

Related Resources

Don't miss a story -- sign up for our FREE e-mail newsletters and view the latest headlines at a glance.
Tech News Flash [ View Sample ]
E-Commerce Minute [ View Sample ]
ECT News Network Weekly Newsletter [ View Sample ]