Windows XP ICS DOS oDay?
Saw this post on PCWorld talking about how published code could disable the firewall on Windows XP based systems. Okay, that doesn’t sound good, so, checking it out I notice it refers to ICS, or Internet connection Sharing, which is a program that allows one pc to share it’s internet connection with other computers on the LAN.
The exploit requires Internet Connection Sharing to be enabled and requires that the attacker be on the shared interface (from what I?ve seen in my playing thus far, the Windows Firewall was disabled).
Malicious Person ? Computer with ICS ? Internet.
So, you have to be on the same LAN, ie in the same building to exploit this. If there is a hacker in your house or place of business, then you have got bigger problems than not having your personal firewall working.
By knocking off the Windows Firewall, a criminal could open the door to new types of attacks, but there are a number of factors that make such an attack scenario unlikely, Reguly said.
For example, the attacker would have to be within the LAN in order to make the attack work, and, of course, it would only work on systems using ICS, which is disabled by default. Furthermore, the attack would have no effect on any third-party firewall being used by the PC, Reguly said.
I guess someone needs to post this somewhere, but it seems like such a non issue, buy yourself a wireless router if you have to use ICS, you can turn the wireless off and still get all of the benefits of the wireless router, NAT, sharing of the internet connection, etc. Anyway, that’s the info, do with it what you will.