Ads by TechWords

See your link here
Receive the latest technology news and information.
Security
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
Cloud Computing
View all newsletters




Privacy Policy
 

Windows XP security alert revised by FBI agency

January 3, 2002 12:00 PM ET

Computerworld - The FBI's National Infrastructure Protection Center (NIPC) has revised its recent security bulletin regarding Windows XP's Universal Plug and Play (UPnP) service.

On Christmas Eve, the NIPC issued a bulletin advising Windows XP users to consider turning off the UPnP service to close a security hole that could allow hackers to break into a user's computer (see story). That recommendation followed the posting of a patch by Microsoft Corp. on its Web site (see story).

Now, in an updated security bulletin, the NIPC has dropped the recommendation to disable UPnP. Instead, the Washington-based agency is recommending that the Microsoft patch be installed to correct the security vulnerability.

Marty Lindner, a team leader at the CERT Coordination Center at Carnegie Mellon University in Pittsburgh, said the original NIPC alert was updated after better information became available about the problem. Because of the Christmas and New Year's holidays, security experts weren't able to fully explore solutions to the problem at that time, he said.

"The quality of the information and the time to analyze it was short, so they put out the best information they could," Lindner said.

The security vulnerability was a buffer overflow that could allow distributed denial-of-service attacks and other intrusions, according to the NIPC. The problem also could affect Windows 98, 98SE and ME, which use the UPnP service.

The UPnP service allows PCs to discover and use various network-based devices such as printers. Windows XP has native UPnP capability, which runs by default on the system. Windows ME also includes native UPnP capability, but it doesn't run by default. With Windows 98 and 98SE, UPnP must be installed via the Internet Connection Sharing client that ships with Windows XP.

Originally, the NIPC believed that the buffer overflow problem was in UPnP itself, Lindner said. The problem was later found to be in one of the protocol services that implement the UPnP service.

Alfred Huger, vice president of engineering at SecurityFocus, an IT security firm in San Mateo, Calif., said that the NIPC "made a mistake in their fix" for the problem in its first bulletin. "The about-face was actually a correction," he added.

Charles Kolodgy, an analyst at IDC in Framingham, Mass., said the updated bulletin from the NIPC may not end the discussion about the vulnerability.

"The bad part is it kind of makes it a little confusing for what users should do," he said.

Related stories:



Jump to comments

Security

Additional Resources

Xerox
By using solid ink technology only from Xerox, you could save up to 65% by printing color for the cost of black and white. Enter for a chance to WIN a PhaserTM 8860 network color printer!
Microsoft
Save time and mitigate security risk. Deploy it now.
Sybase
In this white paper, IDC analyzes the role of next-generation mobile enterprise platforms as organizations seek a more strategic deployment of mobile solutions.

Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.

White Papers & Webcasts

Share our Strength
Download Now  

Managing Secure File Transfer to Save Time, Money and IT Resources
Learn how companies are using innovative technology to overcome these challenges and improve user productivity by offloading e-mail attachments and replacing FTP with...

Security Convergence Equals Network Security Cost Savings
Listen to IBM Internet Security Systems' take on network security convergence.

Disaster Recovery 2008: Reduced Costs and Improved Performance
How long can your Enterprise afford to be without your data? With an accelerated disaster recovery program, you never have to answer this...