A recently discovered vulnerability in Windows XP that could lead to an attacker disabling a user's firewall is being downplayed by security experts who say that the flaw is "obscure" and "easily fixable".
The vulnerability lies within the Windows Internet Connection Service (ICS), a component that lets users share one computer's internet connection with other machines on a local area network (Lan).
When the ICS component crashes, the Windows Firewall is disabled as well, leaving the system vulnerable to attack, according to security company nCircle. The firm suggests disabling ICS to mitigate the risk.
However, blogger George Ou at TechRepublic was critical of nCircle's solution, claiming that disabling ICS would also disable the Windows Firewall.
The vulnerability itself is not a major problem either, according to security company Sunbelt Software.
Alex Eckelberry, president of Sunbelt Software, maintained that most users do not even use the ICS component.
He also pointed out that the attack would have to take place from a computer within the Lan, and that the vulnerability is not exploitable by any outside attack methods such as specially-crafted web pages or emails.
Sunbelt, Ou and security company Secunia all offer a simple fix for the vulnerability by using a router to share internet connections on a Lan rather than relying on ICS.
Experts downplay Windows XP vulnerability
By Shaun Nichols on Nov 2, 2006 10:06AM