Feeds

Windows Firewall exploit overhyped

Nothing to see here, please move along

Security for virtualized datacentres

The release of an exploit that means a hacker, who happens to be on the same local area network, can knock over Windows Firewall on machines running XP has created a lot of publicity, despite being not much of a threat. By using the exploit, an attacker could disable Windows Firewall on a fully patched machine running Internet Connection Service (ICS).

ICS allows small businesses or home users to share an internet connection through a machine which acts as a hub. But with the advent of cheap routers few people need to use the service which, as nCircle points out, can be disabled quite easily without turning off Windows Firewall.

Turning off the firewalls of users removes barriers to potential attacks and the exploit would be more noteworthy if it worked remotely, which it doesn't. Attackers need to attack from inside the same LAN as potential victims, which greatly reduces the potential for mischief even when attacking basic home or small business networks.

As Secunia advises, the best approach to dealing with the problem (such as it is) is to find another way of sharing an internet connection.

Now, if you'll excuse me, I'm off to investigate reports that cows have stopped producing milk in Somerset as the result of an IE exploit or possibly generated the influx of whiskey-loving Romanian witches. ®

Internet Security Threat Report 2014

More from The Register

next story
PEAK APPLE: iOS 8 is least popular Cupertino mobile OS in all of HUMAN HISTORY
'Nerd release' finally staggers past 50 per cent adoption
Tim Cook: The classic iPod HAD to DIE, and this is WHY
Apple, er, couldn’t get the parts for HDD models
Apple spent just ONE DOLLAR beefing up the latest iPad Air 2
New iPads look a lot like the old one. There's a reason for that
Google Glassholes are UNDATEABLE – HP exec
You need an emotional connection, says touchy-feely MD... We can do that
Lawyers mobilise angry mob against Apple over alleged 2011 Macbook Pro crapness
We suffered 'random bouts of graphical distortion' - fanbois
Caterham Seven 160 review: The Raspberry Pi of motoring
Back to driving's basics with a joyously legal high
prev story

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
How to simplify SSL certificate management
Simple steps to take control of SSL certificates across the enterprise, and recommendations centralizing certificate management throughout their lifecycle.