Windows bug allows repeat invasions

Say you've just recovered from a serious worm attack. You've run your antivirus and adware/malware removal utilities, installed the latest patches, even double-checked to make sure your security and privacy settings are set at high. You're good, right? Maybe not.

Microsoft recently released a Security Advisory (along with an update to Windows XP Service Pack 2 containing the fix) warning about an "unexpected behavior" in Windows Firewall that could let a clever attacker who had broken into your PC leave a back door to the Web unlocked for next time. Only PCs running either XP with SP2 or Windows Server 2003 are susceptible.

Hackers sometimes get into a PC by taking advantage of the ports that Windows uses to talk with the world. Literally thousands of ports are available, but Windows Firewall automatically blocks most of them to protect you.

You can let programs connect to your PC through specific ports by entering those ports as exceptions in the firewall's user interface (found in Windows' Control Panel). The user interface also lists these exceptions so that you can see what ports are enabled on your system. Information about the ports is stored within the Windows Registry.

Recently, someone figured out that if you insert port exceptions directly into the Registry and give them "malformed" names, the firewall's user interface won't be able to display them and you'd never know the port was open. Fortunately, no exploits of this vulnerability have been reported yet.

The Security Advisory also explains how you can determine if any sneaky exceptions already lurk on your PC. To get the update, which makes invisible entries visible in Windows Firewall, go here. For the Security Advisory go to

Avoid fake Google

Panda Software identified a new worm that redirects your search requests to a phony Google site. The P2load.A worm masquerades as a free Star Wars game. After you run the file, your attempts to point your browser to Google actually take you to a fake site with different paid advertisers.

The worm alters your start page, changes your Internet Explorer search options, and infects your PC with various adware programs. It spreads through peer-to-peer file sharing apps, such as Imesh and Shareaza. For directions on identifying whether your PC's been infected and wiping the imposter off your system go to here.

When Windows update doesn't

Have you been thwarted in your quest to get updates from the Microsoft Update or the Windows Update site? Instead of receiving a reassuring patch install confirmation, you may have been left staring at a screen filled with the geekiest sort of cryptic error messages (for instance, "Error 0x80072EE2"). Possible causes include conflicts with third-party firewalls and problems with the update sites' addresses hard-coded into Windows' Hosts file.

To get Microsoft's step-by-step workaround for users without a proxy server go to here.

For those using a proxy server, see the workaround at

Fix Wi-Fi router problems

Linksys has issued a firmware update for its popular WRT54G wireless routers that patches several security flaws. Someone exploiting the bugs could target you with a simple denial-of-service attack intended to crash your router, or they could change the configuration of the router, including the password. This could allow the attacker to change your firewall's rules and install new firmware on the router.

Get Linksys's update here.

IDefense, the research firm that found the bugs, has five advisories with more details.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.
Show Comments



Victorinox Werks Professional Executive 17 Laptop Case

Learn more >

Sansai 6-Outlet Power Board + 4-Port USB Charging Station

Learn more >



Back To Business Guide

Click for more ›

Brand Post

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?