Search
Sponsors
Windows Firewall Exception May Not Display in the User Interface
Microsoft has received a report of an unexpected behavior in the way that the Windows Firewall User Interface handles malformed entries in the Windows Registry. By creating malformed Windows Firewall exception entries in the Windows Registry, an exception could be created in the firewall that would not be displayed in the Windows Firewall User Interface. However, this exception is displayed by the command line firewall administration tools.It is important to note that this is not a vulnerability. Administrative privileges are required to access the associated section of the Windows Registry that contains this configuration information. By using documented methods to manage and create Windows Firewall exceptions, it is unlikely that a malformed registry entry will be produced which would exhibit this behavior. It is more likely that an attacker who has already compromised the system would create such malformed registry entries with intent to confuse a user.
Related Software
- Microsoft Windows XP Service Pack 2
- Microsoft Windows XP Professional x64 Edition
- Microsoft Windows Server 2003 Service Pack 1
- Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
- Microsoft Windows Server 2003 x64 Edition
Microsoft plans to include an update to address this concern as part of a future service pack on the affected supported platforms. (Continue at source).