Exploit could disable Windows firewall

Security experts have warned of a denial of service exploit that could allow hackers to disable the firewall on some versions of Windows.

Security experts have warned of a denial of service exploit that could allow hackers to disable the firewall on some versions of Windows.

Tyler Reguly of security firm nCircle warned in a blog post that users of Windows XP with Internet Connection Sharing enabled could be vulnerable to the denial of service exploit.

The exploit targets the ipnathlp.dll file used by the Windows Internet Connection Sharing (ICS) service. Reguly warned, “One thing to remember is that the ICS service is tied to the firewall service. If ICS dies, so does your firewall.”

The Sans Internet Storm Centre, which is tracking the exploit, said it had received a report that the exploit could be used against a fully patched Windows XP SP2 system.

To minimise the risk, Reguly advised users to disable Internet Connection, block UDP port 53 (DNS) on the computer that is sharing the internet and manually set the DNS server to their ISP’s DNS address.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more on IT risk management

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

  • Dissecting the Hack

    In this excerpt from chapter three of Dissecting the Hack: The V3RB0TEN Network, authors Jayson E. Street, Kristin Sims and Brian...

  • Digital Identity Management

    In this excerpt of Digital Identity Management, authors Maryline Laurent and Samia Bousefrane discuss principles of biometrics ...

  • Becoming a Global Chief Security Executive Officer

    In this excerpt of Becoming a Global Chief Security Executive Officer: A How to Guide for Next Generation Security Leaders, ...

SearchNetworking

SearchDataCenter

SearchDataManagement

Close