Tuesday, October 31, 2006

Perfect Situation Required

Network World reported yesterday that a new Windows XP attack has been proven to disable Windows Firewall. More details are here. Very interesting - how do they do that? Isn't Windows Firewall fairly robust, just as powerful as Symantec's and McAfee's software firewalls?
Actually it pretty much is, especially since you don't have to pay for it. Now let me get a show of hands:

1. How many of you know what ICS is as it relates to Microsoft Windows?

2. How many of you even knew that Windows could share its Internet connection with other computers directly?

3. How many of you actually use Internet Connection Sharing in your home or small office?

The vulnerability is in Internet Connection Sharing: a bad packet sent to the target can trip up ICS (svchost.exe), which is tied to Windows Firewall. When svchost.exe is halted, the firewall goes down. I expect to hear about an update in the near future from Microsoft correcting this issue.

This attack requires the attacker to be on the same network as the target machine. It also requires that the computer under attack have ICS enabled, not have any other software firewall running, and not be behind a NAT router. If this is you, please call me for a consultation immediately and have your checkbook at the ready.
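To check a machine for the ICS condition listed above, here is an added example that is not part of the original post. It assumes PowerShell 2.0 or later is installed, and it uses the `SharedAccess` service name (the combined Windows Firewall/ICS service on Windows XP) and the `HNetCfg.HNetShare` COM object, neither of which the post names; `Get-IcsExposure` is a hypothetical function name.

```powershell
# Added example: report whether ICS is turned on for any connection on this machine.
# Assumptions (not from the post): PowerShell 2.0+, service name "SharedAccess",
# COM object HNetCfg.HNetShare. Run elevated; the sharing configuration may not
# be readable otherwise.
function Get-IcsExposure {
    # State of the service that hosts ICS (and, on XP, Windows Firewall).
    $svc = Get-Service -Name SharedAccess -ErrorAction SilentlyContinue
    $svcStatus = 'NotInstalled'
    if ($svc) { $svcStatus = $svc.Status.ToString() }

    $rows = @()
    $share = New-Object -ComObject HNetCfg.HNetShare
    foreach ($conn in $share.EnumEveryConnection) {
        $props = $share.NetConnectionProps.Invoke($conn)
        $cfg   = $share.INetSharingConfigurationForINetConnection.Invoke($conn)

        # SharingConnectionType: 0 = public (the shared uplink), 1 = private (home side).
        $role = 'None'
        if ($cfg.SharingEnabled) {
            if ($cfg.SharingConnectionType -eq 0) { $role = 'Public' } else { $role = 'Private' }
        }

        $rows += New-Object PSObject -Property @{
            Connection    = $props.Name
            IcsRole       = $role
            ServiceStatus = $svcStatus
        }
    }
    return $rows
}

$result = Get-IcsExposure
$result | Select-Object Connection, IcsRole, ServiceStatus | Format-Table -AutoSize

# ICS is only one of the conditions in the post. Whether another software
# firewall is running or the machine sits behind a NAT router is not checked here.
$shared = @($result | Where-Object { $_.IcsRole -ne 'None' })
if ($shared.Count -gt 0) {
    Write-Output "ICS is enabled on $($shared.Count) connection(s): review whether it is needed."
} else {
    Write-Output "ICS is not enabled on any connection."
}
```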

My point is that almost no one is vulnerable to this new attack that brings down Windows Firewall, and those who are indeed vulnerable probably don't have any information on their system worth stealing. Most computer-savvy users are usually behind a router of some sort, especially if they use a wireless router at home. As cheap as they are, I might just give a few away at my debut Internet security course. No one should be without at least some sort of security hardware these days.
