I am a security novice, and I'd like to know if having UPnP activated when downloading torrents involves unacceptable security risks, even when using a range of security software programs. The reason for my question is as follows... I have just started exploring the whole bittorrent scene, and I have been having huge difficulties trying to get port-forwarding to work with the uTorrent client, despite the fact that I have exhaustively followed the portforward.com instructions, setting up a static IP address and setting up a user rule to forward the specified port in my router. I have been able to download, but only at very slow speeds, and uTorrent always tells me that my ports have not been forwarded and gives me a "No incoming connections" error message. I have found hundreds of similar posts on the net, without any resolution. In desperation, I decided to try my ISP help desk. They advised me to abandon port forwarding completely, to get rid of the static IP address and instead to enable UPnP in the router and in uTorrent. I have done this and now uTorrent gives me the green tick and I'm getting download speeds of 350-450kB/s (as compared to 40 previously). So that seems to be fine. HOWEVER, I know that there are security issues associated with UPnP, though I don't understand what they are or whether they can be avoided without disabling it completely. I wonder if anyone can advise me whether I am opening myself to unacceptable security risks by going down the UPnP path as compared to the manual port forwarding path. I am running Windows XP Pro SP3, Online Armor firewall free, Avast! antivirus free, Superantispyware Pro, Spyware Blaster, uTorrent 1.8.1, PeerGuardian 2.0 Beta 6c My router is an Open iConnect Access 624 (Firmware Version: 624 R07-00 OPEN) . My ISP is Internode and my plan is ADSL2+. My latest speedtest showed my download speed as 4700kbps and upload as 710kbps.