Users login

Create an account »


Users login

Home » Hacking News » XP firewall cracks open with SP2

XP firewall cracks open with SP2

by Nikola Strahija on December 21st, 2004 Microsoft this week quietly fixed a security weakness in the configuration of the built-in firewall component of Windows XP.

The firewall - turned on by default with XP Service Pack 2 can leave files open across the whole net if users choose to enable file and printer sharing. Such access should be restricted across a local network but Microsoft has implemented the feature in such a way that, for users of some dial-up ISPs, a local sub-net becomes the whole internet. Microsoft first informed users of this back in September but it has taken five months for it to release a fix.

The update was issued at the same time as Microsoft's monthly patch roundup earlier this week but treated separately by Redmond (insecure configuration settings and security bugs been different beasties, at least according to Microsoft). Microsoft defines the update as "critical".

In other Windows security news, a security firm Secunia warns of a flaw in IE that can be used to conduct cross-site scripting attacks. Even fully patched systems running Windows XP SP2 and up to date versions of IE are potentially vulnerable. They advise users concerned about the problem to deactivate ActiveX or to use an alternative browser.

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.


Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »