Check out AT&T's FREE camera phones
September 1, 2005 4:45 PM PDT
Windows Firewall flaw may hide open ports
- Related Stories
-
Flaw may hide malicious software
August 26, 2005
The flaw manifests itself in the way the security application handles some entries in the Windows Registry, Microsoft said in a security advisory published Wednesday. The Windows Registry stores PC settings and is a core part of the operating system.
The bug could allow a firewall port to be open without the user being informed through the standard Windows Firewall user interface, according to the Microsoft advisory. The company has released a fix that can be downloaded from Microsoft's Web site and will be part of a future Windows service pack, the company said.
Microsoft said the firewall issue is not a security vulnerability but said the flaw could be used by an attacker who already compromised a system in an attempt to hide exceptions in the firewall.
For example, miscreants who have penetrated a computer could create and hide a firewall exception by inserting a malformed Windows Firewall exception entry in the Windows Registry. "An attacker who already compromised the system would create such malformed registry entries with the intent to confuse a user," Microsoft said.
Like other firewall software, Windows Firewall is meant to block incoming traffic to a computer. Users can allow incoming connections by creating exceptions. Windows Firewall displays these exceptions in the firewall UI, which can be reached by going to the Windows Control Panel and selecting Windows Firewall.
PC users can view all firewall exceptions--including those the unpatched Windows Firewall doesn't see--through other tools, Microsoft notes. Typing "netsh firewall show state verbose = ENABLE" at a command prompt will display all active exceptions, the company said in its advisory.
See more CNET content tagged:
Microsoft Windows Firewall,
firewall,
exception,
security application,
Windows registry
You test your firewall for free at http://www.pcflank.com or http://www.grc.com (ShieldsUP.
You test your firewall for free at http://www.pcflank.com or http://www.grc.com (ShieldsUP.
You test your firewall for free at http://www.pcflank.com or http://www.grc.com (ShieldsUP.
Robert
Robert
Robert
product that is supposed to "work" at securing a PC. For
Windows lovers, MS can do no wrong, like if most seatbelts were
made out of heavy ripstop fabric, MS would find a way to add
seatbelts to windows and build them from construction paper,
outlining the fact that it is free and comes in numerous user
friendly colors, and is safe for most cars and drivers. As usual
they downplay a security weakness, or incident, saying anything
to distract the unknowing masses who bought garbage, from a
company that merely reconstitutes other's ideas, and in effect
ruins the market for security products by bundling a Firewall
into XP that does not work very well. Who among us is really
surprised, no one with any common sense.
product that is supposed to "work" at securing a PC. For
Windows lovers, MS can do no wrong, like if most seatbelts were
made out of heavy ripstop fabric, MS would find a way to add
seatbelts to windows and build them from construction paper,
outlining the fact that it is free and comes in numerous user
friendly colors, and is safe for most cars and drivers. As usual
they downplay a security weakness, or incident, saying anything
to distract the unknowing masses who bought garbage, from a
company that merely reconstitutes other's ideas, and in effect
ruins the market for security products by bundling a Firewall
into XP that does not work very well. Who among us is really
surprised, no one with any common sense.
product that is supposed to "work" at securing a PC. For
Windows lovers, MS can do no wrong, like if most seatbelts were
made out of heavy ripstop fabric, MS would find a way to add
seatbelts to windows and build them from construction paper,
outlining the fact that it is free and comes in numerous user
friendly colors, and is safe for most cars and drivers. As usual
they downplay a security weakness, or incident, saying anything
to distract the unknowing masses who bought garbage, from a
company that merely reconstitutes other's ideas, and in effect
ruins the market for security products by bundling a Firewall
into XP that does not work very well. Who among us is really
surprised, no one with any common sense.
==========================
Browsers:
-Mozilla Netscape 7.1
-Media Player RealPlayer10Gold
Anyway, I have install Netscape 7.1 and 7.2 with all
plugins?
Browsers:
FIREFOX 1.0.7
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050920 Firefox/1.0.7 SUSE/1.0.7-0.1
NETSCAPE 7.1
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4) Gecko/20030624 Netscape/7.1
NETSCAPE 7.2
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.2) Gecko/20040805 Netscape/7.2
MOZILLA 1.7.12
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050921
Plugins:
SHOCKWAVE
application/x-shockwave-flash Shockwave Flash swf Yes
FUTURESPLASH
application/futuresplash FutureSplash Player spl Yes
REALPLAYER 10 GOLD PLUGIN "OR HELIX PLUGIN"
audio/x-pn-realaudio-plugin RealPlayer Plugin Metafile rpm Yes
NOTHING NADA NICH!!! WHY THEY DON'T PUBLISH, WE ONLY WELCOME MS WINDOWS USERS, MAYBE BILL GATE WILL BUY YAHOO TOO, OR MAYBE WE STILL HAVE A CHANCE TO BECOME PARTNERS, JUST LIKE MTV, ETC...
==========================
Browsers:
-Mozilla Netscape 7.1
-Media Player RealPlayer10Gold
Anyway, I have install Netscape 7.1 and 7.2 with all
plugins?
Browsers:
FIREFOX 1.0.7
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050920 Firefox/1.0.7 SUSE/1.0.7-0.1
NETSCAPE 7.1
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4) Gecko/20030624 Netscape/7.1
NETSCAPE 7.2
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.2) Gecko/20040805 Netscape/7.2
MOZILLA 1.7.12
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050921
Plugins:
SHOCKWAVE
application/x-shockwave-flash Shockwave Flash swf Yes
FUTURESPLASH
application/futuresplash FutureSplash Player spl Yes
REALPLAYER 10 GOLD PLUGIN "OR HELIX PLUGIN"
audio/x-pn-realaudio-plugin RealPlayer Plugin Metafile rpm Yes
NOTHING NADA NICH!!! WHY THEY DON'T PUBLISH, WE ONLY WELCOME MS WINDOWS USERS, MAYBE BILL GATE WILL BUY YAHOO TOO, OR MAYBE WE STILL HAVE A CHANCE TO BECOME PARTNERS, JUST LIKE MTV, ETC...
==========================
Browsers:
-Mozilla Netscape 7.1
-Media Player RealPlayer10Gold
Anyway, I have install Netscape 7.1 and 7.2 with all
plugins?
Browsers:
FIREFOX 1.0.7
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050920 Firefox/1.0.7 SUSE/1.0.7-0.1
NETSCAPE 7.1
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4) Gecko/20030624 Netscape/7.1
NETSCAPE 7.2
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.2) Gecko/20040805 Netscape/7.2
MOZILLA 1.7.12
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050921
Plugins:
SHOCKWAVE
application/x-shockwave-flash Shockwave Flash swf Yes
FUTURESPLASH
application/futuresplash FutureSplash Player spl Yes
REALPLAYER 10 GOLD PLUGIN "OR HELIX PLUGIN"
audio/x-pn-realaudio-plugin RealPlayer Plugin Metafile rpm Yes
NOTHING NADA NICH!!! WHY THEY DON'T PUBLISH, WE ONLY WELCOME MS WINDOWS USERS, MAYBE BILL GATE WILL BUY YAHOO TOO, OR MAYBE WE STILL HAVE A CHANCE TO BECOME PARTNERS, JUST LIKE MTV, ETC...