Windows bug allows repeat invasions

Say you've just recovered from a serious worm attack. You've run your antivirus and adware/malware removal utilities, installed the latest patches, even double-checked to make sure your security and privacy settings are set at high. You're good, right? Maybe not.

Microsoft recently released a Security Advisory (along with an update to Windows XP Service Pack 2 containing the fix) warning about an "unexpected behavior" in Windows Firewall that could let a clever attacker who had broken into your PC leave a back door to the Web unlocked for next time. Only PCs running either XP with SP2 or Windows Server 2003 are susceptible.

Hackers sometimes get into a PC by taking advantage of the ports that Windows uses to talk with the world. Literally thousands of ports are available, but Windows Firewall automatically blocks most of them to protect you.

You can let programs connect to your PC through specific ports by entering those ports as exceptions in the firewall's user interface (found in Windows' Control Panel). The user interface also lists these exceptions so that you can see what ports are enabled on your system. Information about the ports is stored within the Windows Registry.

Recently, someone figured out that if you insert port exceptions directly into the Registry and give them "malformed" names, the firewall's user interface won't be able to display them and you'd never know the port was open. Fortunately, no exploits of this vulnerability have been reported yet.

The Security Advisory also explains how you can determine if any sneaky exceptions already lurk on your PC. To get the update, which makes invisible entries visible in Windows Firewall, go here. For the Security Advisory go to http://www.microsoft.com/technet/security/advisory/897663.mspx.

Avoid fake Google

Panda Software identified a new worm that redirects your search requests to a phony Google site. The P2load.A worm masquerades as a free Star Wars game. After you run the file, your attempts to point your browser to Google actually take you to a fake site with different paid advertisers.

The worm alters your start page, changes your Internet Explorer search options, and infects your PC with various adware programs. It spreads through peer-to-peer file sharing apps, such as Imesh and Shareaza. For directions on identifying whether your PC's been infected and wiping the imposter off your system go to here.

When Windows update doesn't

Have you been thwarted in your quest to get updates from the Microsoft Update or the Windows Update site? Instead of receiving a reassuring patch install confirmation, you may have been left staring at a screen filled with the geekiest sort of cryptic error messages (for instance, "Error 0x80072EE2"). Possible causes include conflicts with third-party firewalls and problems with the update sites' addresses hard-coded into Windows' Hosts file.

To get Microsoft's step-by-step workaround for users without a proxy server go to here.

For those using a proxy server, see the workaround at http://support.microsoft.com/kb/900935/.

Fix Wi-Fi router problems

Linksys has issued a firmware update for its popular WRT54G wireless routers that patches several security flaws. Someone exploiting the bugs could target you with a simple denial-of-service attack intended to crash your router, or they could change the configuration of the router, including the password. This could allow the attacker to change your firewall's rules and install new firmware on the router.

Get Linksys's update here.

IDefense, the research firm that found the bugs, has five advisories with more details.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.
Show Comments

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?