Windows Firewall flaw may hide open ports

A flaw in Windows Firewall may prevent users from seeing all the open network ports on a Windows XP or Windows Server 2003 computer.

The flaw manifests itself in the way the security application handles some entries in the Windows Registry, Microsoft said in a security advisory published Wednesday. The Windows Registry stores PC settings and is a core part of the operating system.

The bug could allow a firewall port to be open without the user being informed through the standard Windows Firewall user interface, according to the Microsoft advisory. The company has released a fix that can be downloaded from Microsoft's Web site and will be part of a future Windows service pack, the company said.

Microsoft said the firewall issue is not a security vulnerability but said the flaw could be used by an attacker who already compromised a system in an attempt to hide exceptions in the firewall.

For example, miscreants who have penetrated a computer could create and hide a firewall exception by inserting a malformed Windows Firewall exception entry in the Windows Registry. "An attacker who already compromised the system would create such malformed registry entries with the intent to confuse a user," Microsoft said.

Like other firewall software, Windows Firewall is meant to block incoming traffic to a computer. Users can allow incoming connections by creating exceptions. Windows Firewall displays these exceptions in the firewall UI, which can be reached by going to the Windows Control Panel and selecting Windows Firewall.

PC users can view all firewall exceptions--including those the unpatched Windows Firewall doesn't see--through other tools, Microsoft notes. Typing "netsh firewall show state verbose = ENABLE" at a command prompt will display all active exceptions, the company said in its advisory.

[Stating]

Test Your Firewall

It is a good idea to periodically test your firewall , be it hardware or software based, for leakiness. Don't assume that your firewall is configured properly just because you plugged the box in.

You test your firewall for free at http://www.pcflank.com or http://www.grc.com (ShieldsUP.

[Stating]

Test Your Firewall

It is a good idea to periodically test your firewall , be it hardware or software based, for leakiness. Don't assume that your firewall is configured properly just because you plugged the box in.

You test your firewall for free at http://www.pcflank.com or http://www.grc.com (ShieldsUP.

[Stating]

Test Your Firewall

It is a good idea to periodically test your firewall , be it hardware or software based, for leakiness. Don't assume that your firewall is configured properly just because you plugged the box in.

You test your firewall for free at http://www.pcflank.com or http://www.grc.com (ShieldsUP.

[Heebee Jeebies]

Does this...

Surprise anyone. I mean really. Microsoft hasn't gotten security right yet, why would thier firewall be any different. Microsoft, their software and their security are jokes. Jokes we end up paying for.

Robert

[Scott W]

and we are expected to trust vista?

this is a joke. if vista is anything like this i fear for all those poor MS junkies...

[Heebee Jeebies]

Does this...

Surprise anyone. I mean really. Microsoft hasn't gotten security right yet, why would thier firewall be any different. Microsoft, their software and their security are jokes. Jokes we end up paying for.

Robert

[Scott W]

and we are expected to trust vista?

this is a joke. if vista is anything like this i fear for all those poor MS junkies...

[Heebee Jeebies]

Does this...

Surprise anyone. I mean really. Microsoft hasn't gotten security right yet, why would thier firewall be any different. Microsoft, their software and their security are jokes. Jokes we end up paying for.

Robert

[Scott W]

and we are expected to trust vista?

this is a joke. if vista is anything like this i fear for all those poor MS junkies...

[educateme]

Joke is a nice word for: GARBAGE, MS is, as MS does

The fact you label it a joke is far too gentle a term for a company
product that is supposed to "work" at securing a PC. For
Windows lovers, MS can do no wrong, like if most seatbelts were
made out of heavy ripstop fabric, MS would find a way to add
seatbelts to windows and build them from construction paper,
outlining the fact that it is free and comes in numerous user
friendly colors, and is safe for most cars and drivers. As usual
they downplay a security weakness, or incident, saying anything
to distract the unknowing masses who bought garbage, from a
company that merely reconstitutes other's ideas, and in effect
ruins the market for security products by bundling a Firewall
into XP that does not work very well. Who among us is really
surprised, no one with any common sense.

[educateme]

Joke is a nice word for: GARBAGE, MS is, as MS does

The fact you label it a joke is far too gentle a term for a company
product that is supposed to "work" at securing a PC. For
Windows lovers, MS can do no wrong, like if most seatbelts were
made out of heavy ripstop fabric, MS would find a way to add
seatbelts to windows and build them from construction paper,
outlining the fact that it is free and comes in numerous user
friendly colors, and is safe for most cars and drivers. As usual
they downplay a security weakness, or incident, saying anything
to distract the unknowing masses who bought garbage, from a
company that merely reconstitutes other's ideas, and in effect
ruins the market for security products by bundling a Firewall
into XP that does not work very well. Who among us is really
surprised, no one with any common sense.

[educateme]

Joke is a nice word for: GARBAGE, MS is, as MS does

The fact you label it a joke is far too gentle a term for a company
product that is supposed to "work" at securing a PC. For
Windows lovers, MS can do no wrong, like if most seatbelts were
made out of heavy ripstop fabric, MS would find a way to add
seatbelts to windows and build them from construction paper,
outlining the fact that it is free and comes in numerous user
friendly colors, and is safe for most cars and drivers. As usual
they downplay a security weakness, or incident, saying anything
to distract the unknowing masses who bought garbage, from a
company that merely reconstitutes other's ideas, and in effect
ruins the market for security products by bundling a Firewall
into XP that does not work very well. Who among us is really
surprised, no one with any common sense.

[jac_stargate]

Yahoo News Online does not Support Linux Users

Yahoo System Requirements
==========================
Browsers:
-Mozilla Netscape 7.1
-Media Player RealPlayer10Gold

Anyway, I have install Netscape 7.1 and 7.2 with all
plugins?

Browsers:

FIREFOX 1.0.7
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050920 Firefox/1.0.7 SUSE/1.0.7-0.1
NETSCAPE 7.1
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4) Gecko/20030624 Netscape/7.1
NETSCAPE 7.2
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.2) Gecko/20040805 Netscape/7.2
MOZILLA 1.7.12
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050921

Plugins:

SHOCKWAVE
application/x-shockwave-flash Shockwave Flash swf Yes
FUTURESPLASH
application/futuresplash FutureSplash Player spl Yes
REALPLAYER 10 GOLD PLUGIN "OR HELIX PLUGIN"
audio/x-pn-realaudio-plugin RealPlayer Plugin Metafile rpm Yes

NOTHING NADA NICH!!! WHY THEY DON'T PUBLISH, WE ONLY WELCOME MS WINDOWS USERS, MAYBE BILL GATE WILL BUY YAHOO TOO, OR MAYBE WE STILL HAVE A CHANCE TO BECOME PARTNERS, JUST LIKE MTV, ETC...

[jac_stargate]

Yahoo News Online does not Support Linux Users

Yahoo System Requirements
==========================
Browsers:
-Mozilla Netscape 7.1
-Media Player RealPlayer10Gold

Anyway, I have install Netscape 7.1 and 7.2 with all
plugins?

Browsers:

FIREFOX 1.0.7
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050920 Firefox/1.0.7 SUSE/1.0.7-0.1
NETSCAPE 7.1
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4) Gecko/20030624 Netscape/7.1
NETSCAPE 7.2
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.2) Gecko/20040805 Netscape/7.2
MOZILLA 1.7.12
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050921

Plugins:

SHOCKWAVE
application/x-shockwave-flash Shockwave Flash swf Yes
FUTURESPLASH
application/futuresplash FutureSplash Player spl Yes
REALPLAYER 10 GOLD PLUGIN "OR HELIX PLUGIN"
audio/x-pn-realaudio-plugin RealPlayer Plugin Metafile rpm Yes

NOTHING NADA NICH!!! WHY THEY DON'T PUBLISH, WE ONLY WELCOME MS WINDOWS USERS, MAYBE BILL GATE WILL BUY YAHOO TOO, OR MAYBE WE STILL HAVE A CHANCE TO BECOME PARTNERS, JUST LIKE MTV, ETC...

[jac_stargate]

Yahoo News Online does not Support Linux Users

Yahoo System Requirements
==========================
Browsers:
-Mozilla Netscape 7.1
-Media Player RealPlayer10Gold

Anyway, I have install Netscape 7.1 and 7.2 with all
plugins?

Browsers:

FIREFOX 1.0.7
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050920 Firefox/1.0.7 SUSE/1.0.7-0.1
NETSCAPE 7.1
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4) Gecko/20030624 Netscape/7.1
NETSCAPE 7.2
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.2) Gecko/20040805 Netscape/7.2
MOZILLA 1.7.12
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050921

Plugins:

SHOCKWAVE
application/x-shockwave-flash Shockwave Flash swf Yes
FUTURESPLASH
application/futuresplash FutureSplash Player spl Yes
REALPLAYER 10 GOLD PLUGIN "OR HELIX PLUGIN"
audio/x-pn-realaudio-plugin RealPlayer Plugin Metafile rpm Yes

NOTHING NADA NICH!!! WHY THEY DON'T PUBLISH, WE ONLY WELCOME MS WINDOWS USERS, MAYBE BILL GATE WILL BUY YAHOO TOO, OR MAYBE WE STILL HAVE A CHANCE TO BECOME PARTNERS, JUST LIKE MTV, ETC...