All the latest UK technology news, reviews and analysis
|
|
|
14 Nov 2001
A flaw in the Universal Plug and Play (UPnP) facility in Microsoft's Windows XP could enable a hacker to launch a denial of service attack.
UPnP is a Microsoft-backed industry standard which uses web protocols and allows PCs, printers and wireless devices plugged into a network to automatically communicate with each other.
Further reading
On Windows XP systems each UPnP request uses memory that is not being freed up because of a memory leak error.
A hacker could manipulate the error by exhausting the system's memory resources via repeatedly sending invalid UPnP data to the target system. The flaw also affects Windows 98 and ME systems.
Microsoft has been forced to issue a warning and a patch is now available, although the risk is classified as low.
Standard firewall practices, such as blocking ports 1900 and 5000, and activating the Windows XP default firewall would impede an attacker's ability to locate and attack the system.
The Microsoft advisory on this bug can be found here.
Latest stories from Operating Systems
Related articles
Related jobs
Poll
Are you confident that the UK's IT infrastructure is secure from attack in the wake of the Flame malware revelations?
V3 examines the key strengths and weaknesses of Samsung's latest iPhone killer
Connect with V3.co.uk
Social networking is almost ubiquitous. This white paper examines the benefits and risks and it looks at the different ways companies can reconcile them
The importance of understanding your infrastructure
C#, WPF, Silverlight, UI Development, Software Engineers...
Candidate required who is used to working in a client...
Build Change Release Manager / Build Change Manager...
IT Service Desk Manager / Liverpool / Up to £60,000...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?