Another critical update for SP2

Discussion in 'other security issues & news' started by Down_Under, Dec 18, 2004.

  1. Down_Under

    Down_Under Guest

    A critical update for the second service pack issued for Windows XP was quietly released by Microsoft on Tuesday without any mention of it on the company's main security page.

    The flaw, which could leave a computer open to anyone on the internet when the user connects through a dial-up connection, was instead mentioned in an article in the company's Knowledge Base.

    According to the article, the computer of a user becomes accessible to anyone on the net because of the way Windows Firewall interprets local subnets when the "My network (subnet) only" option is used.

    "Because of the way that some dialing software configures routing tables, Windows Firewall in Windows XP SP2 can sometimes interpret the whole internet to be a local subnet. This can let anyone on the internet access the Windows Firewall exceptions," it says.

    "When the "My network (subnet) only" option is enabled, it is automatically selected for file and print sharing. Therefore, your shared drives can be unexpectedly revealed on the internet when you use a dial-up connection."

    The article provides a link to a patch with this legend: "To resolve this problem, you must download and install the Critical Update for Windows XP (KB886185)."

    Well-known security expert Richard Forno, who noticed this and posted details about it on his own mailing list, had just one comment: "How many ways can Redmond say 'oops?'"

    Microsoft's security lead in Australia, Ben English, said details of the flaw were not included in the December releases "because it didn't fit the security vulnerability criteria as stated publicly."

    "These criteria are reviewed regularly and we strive to provide a definition which meets our customers' needs," English said.

    "Microsoft is aware of a report detailing behaviour in the Windows XP SP2 'Windows Firewall' when users enable an exception for file and print sharing. This report notes that certain configurations of the Windows Firewall on some network connections could allow the file and print sharing services to be open to a larger number of computers than the user intended. Microsoft has reviewed the report and verified the behavior as reported but in accordance with the design of Windows Firewall."
Thread Status:
Not open for further replies.
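
The failure mode described in the quoted Knowledge Base text, sketched as an added example that is not part of the original post or of Microsoft's article. It assumes a simplified model in which a subnet-only firewall scope admits every on-link route (gateway equal to the interface address); the routing tables, addresses, the /16 threshold and the function names are all constructed for illustration.

```python
import ipaddress

# Constructed sample routing tables: (destination, netmask, gateway, interface address).
LAN_ROUTES = [
    ("0.0.0.0", "0.0.0.0", "192.168.1.1", "192.168.1.20"),   # default route via a router
    ("127.0.0.0", "255.0.0.0", "127.0.0.1", "127.0.0.1"),
    ("192.168.1.0", "255.255.255.0", "192.168.1.20", "192.168.1.20"),
]
DIALUP_ROUTES = [
    ("0.0.0.0", "0.0.0.0", "10.64.3.7", "10.64.3.7"),        # dialer marks the default route on-link
    ("127.0.0.0", "255.0.0.0", "127.0.0.1", "127.0.0.1"),
]

MIN_PREFIX = 16  # assumed policy: a "local" network wider than /16 is suspicious


def local_scope(routes):
    """Networks a subnet-only rule would admit under the ASSUMED model:
    every on-link route (gateway == interface address) counts as local."""
    nets = []
    for dst, mask, gateway, iface in routes:
        net = ipaddress.ip_network(f"{dst}/{mask}")
        if gateway == iface and not (net.is_loopback or net.is_multicast):
            nets.append(net)
    return nets


def admits(routes, source):
    """True if `source` would pass a subnet-scoped firewall exception."""
    addr = ipaddress.ip_address(source)
    return any(addr in net for net in local_scope(routes))


def overbroad(routes):
    """On-link networks too wide to be a real local subnet."""
    return [str(net) for net in local_scope(routes) if net.prefixlen < MIN_PREFIX]


if __name__ == "__main__":
    for name, table in (("LAN", LAN_ROUTES), ("dial-up", DIALUP_ROUTES)):
        print(name, "admits 203.0.113.5:", admits(table, "203.0.113.5"),
              "| overbroad:", overbroad(table))
```

With the LAN table only 192.168.1.0/24 is in scope; with the dial-up table the on-link default route puts every address in scope, which is the condition an audit of subnet-scoped exceptions should flag.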