Wednesday 15 October 2004

Critical Patch to the XP SP2 Firewall Released

Via SANS Internet Storm Center comes this Microsoft KB 886185 which discusses a critical patch that wasn't mentioned in yesterday's release:

After you set up Microsoft Windows Firewall in Microsoft Windows XP Service Pack 2 (SP2), you may discover that your computer can be accessed by anyone on the Internet when you use a dial-up connection to connect to the Internet

This problem occurs because of the way that Windows Firewall interprets local subnets when the "My network (subnet) only" option is used. Windows Firewall is included with Windows XP SP2

Because of the way that some dialing software configures routing tables, Windows Firewall in Windows XP SP2 can sometimes interpret the whole Internet to be a local subnet. This can let anyone on the Internet access the Windows Firewall exceptions. When the "My network (subnet) only" option is enabled, it is automatically selected for file and print sharing. Therefore, your shared drives can be unexpectedly revealed on the Internet when you use a dial-up connection.

To resolve this problem, you must download and install the Critical Update for Windows XP (KB886185).