Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Windows Attack Can Disable Firewall

Posted by ryuzaki0 on from the he-shoots-he-scores dept.

BobB writes to tell us NetworkWorld is reporting that new code released on Sunday could allow a fully patched Windows XP PC's personal firewall to be disabled via a malicious data packet. The exploit depends on the use of Microsoft's Internet Connection Service. From the article: "The attacker could send a malicious data packet to another PC using ICS that would cause the service to terminate. Because this service is connected to the Windows firewall, this packet would also cause the firewall to stop working, said Tyler Reguly, a research engineer at nCircle Network Security Inc."

9 of 273 comments (clear)

  1. Please explain me... by Anonymous Coward · · Score: 2, Funny

    What those engineers were thinking? A data package, the thing a firewall is filtering to some point, can disable the firewall? Who thought it would be a nice feature to have that?

    "We need a firewall of our own!"
    "Why?"
    "To keep our monopoly; those firewall and antivirus companies are making money that should be in our pockets."
    "But antitrust..?"
    "We say it's because we want to have a secure system, it should've been in the first place. Those companies have no case! >:D"
    "But even we cannot access their systems anymore without logging our activity on our massive 'slave-farm'."
    "We'll add a backdoor, so we can remotely disable it. Noone will ever find it >:)"
    "Excellent..."
  2. Microsoft change the definitions to suit by Centurix · · Score: 3, Funny

    When they advertise that XP installations come with a firewall, they in fact mean that XP installations come installed with a wall of fire. The EULA clearly states that, somewhere near the bottom next to the pictures of cats and the sudoku puzzles, because no-one ever reads that far...

    --
    Task Mangler
  3. Re:What can you trust? by gbobeck · · Score: 4, Funny
    You use an IPS/IDS appliance that goes up to level 7.

    For extra effectiveness, make sure your level 7 IPS/IDS appliance is armed with nothing less than a +3 Sword of Packet Smiting.
    --
    Navicula hydraulica plena anguilarum est. Omnes castelli tuus nostri sunt. Ed elli avea del cul fatto trombetta.
  4. In Soviet Russia ... by Anonymous Coward · · Score: 1, Funny

    ... firewalls disable you.

  5. Re:What can you trust? by pedestrian+crossing · · Score: 5, Funny

    You use an IPS/IDS appliance that goes up to level 7.

    Mine goes up to 11.

    --
    A house divided against itself cannot stand.
  6. Re:Is Telstra not one of the biggest? by Mike89 · · Score: 2, Funny

    Why did that annoy you?

  7. Why Does Windows Get All the Press? by RAMMS+EIN · · Score: 3, Funny

    Why does Windows get all the press? It's not fair! I want to see some coverage of stupid holes in Linux and the free BSDs!

    --
    Please correct me if I got my facts wrong.
  8. Re:Is Telstra not one of the biggest? by Linker3000 · · Score: 3, Funny

    Eliza? That you?

    --
    AT&ROFLMAO
  9. OT by hummassa · · Score: 2, Funny
    Eliza? That you?
    Do you want to talk about Eliza?
    --
    It's better to be the foot on the boot than the face on the pavement. ~~ tkx Kadin2048