Microsoft alerts users to firewall flaw
TechWorld.com - Microsoft Corp. has alerted users to a problem in Windows Firewall that could be exploited by attackers as part of a broader system infection. The problem means that Windows Firewall can be made to hide certain information from the user, Microsoft said.
The bug isn't itself a vulnerability, Microsoft said in an advisory last week, since it can't be used to invade a system. It is, rather, an "unexpected behavior" that an attacker could use to cover up malicious activity, Microsoft said.
The company issued a patch for the problem, available only to authenticated Windows users.
The flaw is in the way Windows Firewall displays exception entries, which are created by administrators to allow incoming network connections. If an exception is created in the registry, it won't be displayed in the Windows Firewall user interface, meaning users might not be able to spot the exception entry.
It's unlikely that such a registry entry would be created under ordinary circumstances, and a user couldn't create one without administrator privileges, Microsoft said.
"It is more likely that an attacker who has already compromised the system would create such malformed registry entries with intent to confuse a user," Microsoft said in the advisory.
The patch fixes the issue, and Microsoft also released a workaround, found in the relevant Knowledge Base entry. Microsoft also noted that the problem doesn't affect command line firewall administration tools.
Though the flaw could conceivably be of use to attackers, Microsoft said the problem wasn't security related.
"Although this is not a security vulnerability, this non-security update was issued to provide users a way to display malformed Windows Firewall configuration registry entries," the company said in the Knowledge Base article.



- Excel 2010 Cheat Sheet
- Register for this Computerworld Insider Cheat Sheet and gain access to hundreds of premium content articles, guides, product reviews and more.
- Reducing the Cost and Complexity of Web Vulnerability Management
- Hackers and cybercriminals are constantly refining their attacks and targets; which means you need agile tools to stay ahead of them.
Download this... - Overcome Top 7 Admin Challenges of Active Directory
- As Active Directory's role in the enterprise has drastically increased, so has the need to secure the data. Gain insight on creating repeatable,...
- Insiders Can Ruin Your Company. Take Action.
- Did you know that 80 percent of threats to an organization come from the inside? The threat from insiders is often overlooked in...
- Top Solutions and Tools to Prevent Devastating Malware
- Custom malware frequently goes undetected. According to Forrester Research, the best way to reduce risk of breach is to deploy file integrity monitoring...
- Streamline Compliance and Increase ROI
- Streamline, simplify, and automate compliance related activities; especially those that impact multiple business units. This white paper from NetIQ, outlines solutions that will... All Malware and Vulnerabilities White Papers
- Optimizing Networks for the Cloud
- Join guest speaker, Rohit Mehra, IDC Director of Enterprise Communications Infrastructure, to explore current trends, discuss best practices for optimizing Data Center and...
- Apps QuickStart Series Part 2: Designing and Deploying SQL Server on VMware vSphere
- Download this webcast to learn about the design considerations for virtualizing SQL workloads, performance and scalability information and high-availability options, as well as...
- Apps QuickStart Series Part 1: Designing and Deploying Exchange 2010 on VMware vSphere
- Download this webcast to learn the virtual hardware design considerations for Exchange 2010, deployment using the building block approach, options for high-availability and...
- Customer Spotlight: How IPC The Hospitalist Company Implemented Oracle on VMware
- Have you been looking to hear about customer's experiences with the new VMware vCenter Site Recovery Manager product? View this webcast to learn...
- Virtualize Business-Critical Applications with Confidence
- Virtualizing business-critical applications has become a key focus for organizations as they move along their virtualization journey. With the launch of VMware vSphere®... All Malware and Vulnerabilities Webcasts