Microsoft has warned of a bug in Windows Firewall that could result in a firewall exception that does not show up in the user interface.
The “unexpected behaviour” in the way the user interface handles malformed entries in the Windows Registry was “not a vulnerability”, the software giant said in a security advisory notice.
“Administrative privileges are required to access the associated section of the Windows Registry that contains this configuration information. By using documented methods to manage and create Windows Firewall exceptions, it is unlikely that a malformed registry entry will be produced which would exhibit this behaviour,” it said.
But Microsoft admitted that an attacker who had already compromised the system could “create such malformed registry entries with intent to confuse a user”.
Windows XP Service Pack 2 and Windows XP Professional x64 Edition are affected, along with Windows Server 2003 Service Pack 1, Windows Server 2003 with SP1 for Itanium-based systems and Windows Server 2003 x64 Edition.
The advisory included a tested workaround that would allow administrators to see a list of defined exceptions to the firewall, although it would not remedy the underlying problem. An update would be included in future service packs, Microsoft said.