New Batch of XP SP2 Holes

terap writes "Microsoft has acknowledged that it is working on a patch for a potentially serious security hole in the 'Remote Desktop' feature. It affects fully patched versions of Windows XP Service Pack 2, even with the integration firewall turned on. There is a possibility this could lead to code execution attacks."

Firewall too?

[peawee03]

Isn't a firewall supposed to block incoming connections unless specifically allowed? So how can this flaw with RD still affect it with the firewall turned on? TFA doesn't make much of a mention of this.

Other implementations of RDP

[morgan_greywolf]

Does this perhaps affect other implementations of RDP, like the one included with Gnome?

Re:Who the fuck...

[Tezkah]

I've had too many problems with firewalls from ZoneAlarm, Kerio, etc, especially with them causing XP to hang on boot, skyrocketing memory use, etc, especially compared to the extremely basic windows firewall (I'm behind a router, I don't need much out of a firewall.)

I work in a call center for a major US ISP. Do you know how often we get people calling in because Norton Internet Security is screwing up? I talked to at least two people personally just yesterday, one couldn't get his email because Norton would cause the connection to the server to close, another lady could open up PORT 80 TO BROWSE THE INTERNET. These people didn't change any settings on NIS, it just caused this on its own. I know that IE isn't secure, but that's a little extreme.

The XP Firewall hasn't bothered me at all, not a memory hog for something as simple as a firewall, and hasn't caused me any problems, which is more than I can say about ZoneAlarm/Kerio.

Tell me, what makes it not a real firewall? It blocks ports.