XP SP2 Firewall security breach

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Came across this today, can't believe what I'm reading, but it seems
microsoft have put in a backdoor to the XP SP2 Firewall! check out this link


Re: XP SP2 Firewall security breach

Quoted text here. Click to load it

It's not really a backdoor, since the user has to do something to
disable the firewall.  That "something" could be execution of a Trojan,
but a backdoor is something that an outsider can take advantage of
without any help from the user.

One thing I wonder about the mechanism they describe -- does it require
that the user running it have Administrator privilege?

Barry Margolin, barmar@alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***

Re: XP SP2 Firewall security breach

On Thu, 11 Nov 2004 19:20:06 -0500, Barry Margolin

Quoted text here. Click to load it

The contention of the article is that a virus or other malicious
spyware could alter the firewall without the user knowing about it.

Quoted text here. Click to load it

Yes it does, which makes the whole issue of whether a program can
alter the firewall pointless.  Running as as admin puts you at a far
bigger risk, imho.

Besides, the Windows XP SP2 firewall doesn't prevent a program from
starting an outbound connection.  It only stops inbound connections.


Site Timeline