Experts downplay Windows XP vulnerability

By
Follow google news

A recently discovered vulnerability in Windows XP that could lead to an attacker disabling a user's firewall is being downplayed by security experts who say that the flaw is "obscure" and "easily fixable."

Experts downplay Windows XP vulnerability
The vulnerability lies within the Windows Internet Connection Service (ICS), a component that lets users share one computer's internet connection with other machines on a local area network (Lan).

When the ICS component crashes, the Windows Firewall is disabled as well, leaving the system vulnerable to attack, according to security company nCircle. The firm suggests disabling ICS to mitigate the risk. 

However, blogger George Ou at TechRepublic was critical of nCircle's solution, claiming that disabling ICS would also disable the Windows Firewall. 

The vulnerability itself is not a major problem either, according to security company Sunbelt Software.

Alex Eckelberry, president of Sunbelt Software, maintained that most users do not even use the ICS component.

He also pointed out that the attack would have to take place from a computer within the Lan, and that the vulnerability is not exploitable by any outside attack methods such as specially-crafted web pages or emails.

Sunbelt, Ou and security company Secunia all offer a simple fix for the vulnerability by using a router to share internet connections on a Lan rather than relying on ICS.
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
downplayexpertssecurityvulnerabilitywindowsxp

Sponsored Whitepapers

Make cloud predictable again
Make cloud predictable again
Cut through the SASE confusion
Cut through the SASE confusion
AI Readiness Starts Here: Build a Future-Proof, Value-Driven AI Strategy with Brennan
AI Readiness Starts Here: Build a Future-Proof, Value-Driven AI Strategy with Brennan
Build the Infrastructure for Your AI Revolution
Build the Infrastructure for Your AI Revolution
2026 Engineering Reality Report
2026 Engineering Reality Report

Most Read Articles

Optus takes $826,000 hit for anti-scam breaches

Optus takes $826,000 hit for anti-scam breaches
Australia, US and UK sanction Russian cyber firms over ransomware links

Australia, US and UK sanction Russian cyber firms over ransomware links
JPMorgan, Citi, Morgan Stanley client data may be exposed by vendor's hack

JPMorgan, Citi, Morgan Stanley client data may be exposed by vendor's hack
Australia's AUKUS base to connect to subsea cables

Australia's AUKUS base to connect to subsea cables
techpartner.news logo
Sydney-based AI-cloud waste startup raises $3m
Sydney-based AI-cloud waste startup raises $3m
Brennan uses NiCE to modernise its contact centre
Brennan uses NiCE to modernise its contact centre
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Interactive introduces private cloud platform
Interactive introduces private cloud platform
Digital61 expands cybersecurity portfolio
Digital61 expands cybersecurity portfolio

Log In

  |  Forgot your password?