FBI backtracks on Windows security alert

The FBI's National Infrastructure Protection Centre (NIPC) has revised its recent security bulletin regarding Windows' universal...

The FBI's National Infrastructure Protection Centre (NIPC) has revised its recent security bulletin regarding Windows' universal plug-and-play (UPnP) service.

The NIPC issued a bulletin on 24 December advising Windows XP users to consider turning off the UPnP service to close a security hole that could allow hackers to break into a user's computer. That recommendation followed the posting of a patch by Microsoft on its Web site.

In an updated security bulletin, the NIPC has dropped the recommendation to disable UPnP and instead recommends that the Microsoft patch be installed to correct the security vulnerability.

Marty Lindner, a team leader at the CERT Coordination Centre, explained that, security experts were not able to fully explore solutions to the problem because of the Christmas and New Year's holidays.

"The quality of the information and the time to analyse it was short, so they put out the best information they could," Lindner said.

The security vulnerability was a buffer overflow that could allow distributed denial-of-service attacks and other intrusions. The problem also could affect Windows 98, 98SE and ME, which use the UPnP service.

The UPnP service allows PCs to use network-based devices. Windows XP has native UPnP capability, which runs by default, while Windows ME, Windows 98 and 98SE all have UPnP capability.

The NIPC now believes that the vulnerability is in one of the protocol services that actually implement the UPnP service.

Charles Kolodgy, an analyst at IDC, said the updated bulletin from the NIPC may not end the discussion about the vulnerability.

"The bad part is it kind of makes it a little confusing for what users should do," he said.



Enjoy the benefits of CW+ membership, learn more and join.

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.