All the latest UK technology news, reviews and analysis

Experts downplay Windows XP vulnerability

by Shaun Nichols

More from this author

01 Nov 2006

Be the first to comment

  • Tweet this
IT security
A vulnerability in Windows XP is 'obscure' and 'easily fixable', say experts

A recently discovered vulnerability in Windows XP that could lead to an attacker disabling a user's firewall is being downplayed by security experts who say that the flaw is "obscure" and "easily fixable".

The vulnerability lies within the Windows Internet Connection Service (ICS), a component that lets users share one computer's internet connection with other machines on a local area network (Lan).

When the ICS component crashes, the Windows Firewall is disabled as well, leaving the system vulnerable to attack, according to security company nCircle. The firm suggests disabling ICS to mitigate the risk. 

However, blogger George Ou at TechRepublic was critical of nCircle's solution, claiming that disabling ICS would also disable the Windows Firewall

The vulnerability itself is not a major problem either, according to security company Sunbelt Software.

Alex Eckelberry, president of Sunbelt Software, maintained that most users do not even use the ICS component.

He also pointed out that the attack would have to take place from a computer within the Lan, and that the vulnerability is not exploitable by any outside attack methods such as specially-crafted web pages or emails.

Sunbelt, Ou and security company Secunia all offer a simple fix for the vulnerability by using a router to share internet connections on a Lan rather than relying on ICS.

Do you agree?

Add your comment
 

Add your comment

We won't publish your address
By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.
Submit your comment

Latest stories from Security

data-security-key

Thousands of public encryption keys found to offer no security

Related white papers

Related articles

Related jobs

Today's top stories

Web blocking. Content owners want to stop copyright infringement

Music file-sharing site taken offline by UK Serious Organised Crime Agency

Mozilla Firefox logo

Mozilla adds Android and security updates to Firefox roadmap

Acer Aspire S3 Ultrabook

Acer Aspire S3 ultrabook review

Poll

IT priorities for 2012

What is the most important IT priority for your company this year?

99%

0%

1%

0%

0%

Features

V3 and The INQUIRER editor Madeline Bennett

BBC and Sky News show tough love with Twitter policies

V3's Rosalie Marshall

World indulges in a Facebook facts fest as firm prepares to float

facebook-new

Top five most interesting figures from Facebook’s IPO

Khidr headshot

Intel will prove Steve Jobs wrong in the mobile market

More features

Connect with V3.co.uk

Sign up to our daily or weekly newsletters

Case studies and reports

Accurev

Top 5 software development challenges

This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes

Talend

Rubbish in, rubbish enterprise

Why good data management at all levels is essential in the modern business (video, 6mins)

Technology jobs

Java developer (J2EE/Web) - Nr Warrington (off M6)

Java / J2EE analyst programmer with experience of building...

Crystal Reports Developer London or Dublin £340 per day

Crystal Reports Developer London or Dublin £340 per day...

Systems Administrator

Our client is a major Broadcasting company seeking a...

Support Engineer - Linux/ Windows

Support Engineer required to work for leading Online...

To send to more than one email address, simply separate each address with a comma.