To check your firewall for open ports simply click on your security icon found hopeful somewhere on your desktop. Then when the security center opens you should see a section named Manage Security Settings For:
Now look for Windows firewall.Double click the icon.The ports are listed under the option titled Exceptions.Double click Exceptions.You will now see a list of open ports,with the option to add port ,edit, delete..I seriously doubt that anyone has somehow snuck into your system and added a port.Be careful and do not delete the ports that need to be open for your system to operate.

Read the article again. The glitch allows for someone to make an open port that DOESN'T appear in the exceptions list.

Microsoft: "yes, the flaw is there and it will create a hole - however, this isnt a security issue"
Public: "what would you call it then ?"
"Microsoft: "A hidden feature? :)"
"Public: "Sorry, but anything that opens up a hole in a system allowing unauthorized access is indeed a security issue"

what about the new regedit flaw.... should be mentioned here on betanews i think.

seems just as dangerous for those of us who work with spyware/viruses... MS needs to update regedit fast .. luckily i have a freeware registry editor that actually can see these things.

http://news.com.com/Flaw...100-1002_3-5843863.html

freeware registry editor that actually can see the keys and let you delete them --> http://www.majorgeeks.co...ry_Commander_d2774.html

I'm guessing it's the same issue, or at least related.

Not to be a pessimist – but if a virus/spyware could create “exceptions” in your firewall via the registry that did NOT show up when you launched the Windows Firewall program? That sorta sounds like a potential problem to me!

blakehandler.com

If someone can gain Administrator-level access to your system, whether by code or otherwise, it is owned. A firewall won't be of much help at that point anyway, especially the Windows firewall.

How does it affect Windows 2000? It doesn't include the windows firewall.

deleted repeat comment

> Administrator privileges are required in order to access the necessary section of the Windows Registry.

Aren't most Windows XP installations defaulting to Administrator accounts? So this basically means a virus could easily be written to write to this portion of the registry and open this wonderful little backdoor?

> said the problem was not a security vulnerability.

Yeah, I can see why MS wouldn't be concerned about this...

***regardless of the validity of this comment, please feel free to commence flaming due to it's anti-MS lean.***

"> said the problem was not a security vulnerability.

Yeah, I can see why MS wouldn't be concerned about this..."

They are concerned enough to provide a fix for this issue.

Good for them. I was trying to be humorous. Sorry you were not in the mood to get it.

"Aren't most Windows XP installations defaulting to Administrator accounts?"

Uhm...no. Administrator privledges are required for most installs, but an install won't just grant itself admin priveledges on it's own. You'll have to login as a local admin or supply a local admin password for the install to work.

Now the fact that most home users log in to their PC as local admins anyway is a different story. That's why linux is always "perceived" to be much more secure. If you're a linux user, you're savvy enough not to log in to the machine as root and just switch to root when you need certain access. Windows users (home users at least) don't have that mentality and complain about applications destroying their machines.

i think he means, XP installations, as the XP installation itself, defaults to admin installation, therefore software installed from that default user will have admin rights - or something :)

Exactomundo.

The default user created during XP install is created with full admin rights, meaning any installation run under that account can effect the entire system.

This would be better if MS had chosen security over user-experience when they designed the OS. Apparently they have learned their lesson. The beta of Vista can easily be set (and I hope it ships "on" by default) to require an admin password be entered for every potentially dangerous install.

The only glitch there is that it even asks you for the password when you are logged in as admin...which is a pain in the a** when you're trying to admin...as...admin.

And yes, MacOS already has this in their currently available OS. Thought I might as well bring it up since some Mac fanboy surely would.

The default user account in XP (Home and Pro) has all admin rights.

"The beta of Vista can easily be set (and I hope it ships "on" by default) to require an admin password be entered for every potentially dangerous install. "

But...XP does that now. If you're not logged on as a local admin, the install will ask you for a local admin password. XP doesn't allow you (in most cases anyway) to install anything if you're not logged in as local admin. How is the vista beta different then this.

"And yes, MacOS already has this in their currently available OS. Thought I might as well bring it up since some Mac fanboy surely would."

Unix / Linux too, while we're at it ;-)

No it doesn't -- it just tells you that you don't have correct privilages to c:\program files\whatever

If you set it up to run with different credentials, that's a different story.

Let me put it to you this way...to be able to edit those firewall settings in the registry, you need local admin rights or you need to have been granted modify permissions to that key by the local admin. Therefore, for an install to modify those keys, it needs to be run under a local admin user. Everybody clear now? Good.

Oh yea...and XP sure DOES ask you for an admin password to do an install, log in as a non admin, and try installing something, and then tell me it doesn't ask you.

but the problem is almost everyone is logged in as admin and on most home computers the administrator account isn't password protected anyway. A firewall shouldn't work out of the registry.

if you are able to do something on a pc as a local admin...they can pretty much do whatever they want, period. I don't care if firewall rules are stored in an encrypted file, they have established admin rights on the pc or are able to figure out how to run things as local admin, firewall rules at that point don't matter much. They already have you.

That's the qualm. XP shouldn't commit the mistake of giving the default user admin rights. Simply because the default (average?) user of XP is not *capable* of being an admin. They seem to be headed in the right direction to fix that with Vista. Mac and *nix have been there a while.