Experts downplay Windows XP vulnerability

By
Follow google news

A recently discovered vulnerability in Windows XP that could lead to an attacker disabling a user's firewall is being downplayed by security experts who say that the flaw is "obscure" and "easily fixable."

Experts downplay Windows XP vulnerability
The vulnerability lies within the Windows Internet Connection Service (ICS), a component that lets users share one computer's internet connection with other machines on a local area network (Lan).

When the ICS component crashes, the Windows Firewall is disabled as well, leaving the system vulnerable to attack, according to security company nCircle. The firm suggests disabling ICS to mitigate the risk. 

However, blogger George Ou at TechRepublic was critical of nCircle's solution, claiming that disabling ICS would also disable the Windows Firewall. 

The vulnerability itself is not a major problem either, according to security company Sunbelt Software.

Alex Eckelberry, president of Sunbelt Software, maintained that most users do not even use the ICS component.

He also pointed out that the attack would have to take place from a computer within the Lan, and that the vulnerability is not exploitable by any outside attack methods such as specially-crafted web pages or emails.

Sunbelt, Ou and security company Secunia all offer a simple fix for the vulnerability by using a router to share internet connections on a Lan rather than relying on ICS.
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
downplayexpertssecurityvulnerabilitywindowsxp

Sponsored Whitepapers

Protect the data your business relies on
Protect the data your business relies on
The cloud tipping point
The cloud tipping point
How AI will deliver real business value
How AI will deliver real business value
The multicloud imperative
The multicloud imperative
Your multicloud advantage
Your multicloud advantage

Events

Most Read Articles

WA man jailed for at least five years for evil twin attack

WA man jailed for at least five years for evil twin attack
Home Affairs to unleash AI on sensitive government data

Home Affairs to unleash AI on sensitive government data
Watt flags more fed insourcing after BoM website outrage

Watt flags more fed insourcing after BoM website outrage
ASX outage caused by security software upgrade

ASX outage caused by security software upgrade
techpartner.news logo
Sydney-based AI-cloud waste startup raises $3m
Sydney-based AI-cloud waste startup raises $3m
Brennan uses NiCE to modernise its contact centre
Brennan uses NiCE to modernise its contact centre
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Interactive introduces private cloud platform
Interactive introduces private cloud platform
Digital61 expands cybersecurity portfolio
Digital61 expands cybersecurity portfolio

Log In

  |  Forgot your password?