Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: [News] Windows Universal Plug and Play Flaw Expected to Be Exploited This Week

On 2007-04-12, Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx> claimed:
> Security firm predicts UPnP exploit by the end of the week 
>
> ,----[ Quote ]
>| "We are taking this flaw very seriously and expect to see an
>| exploit by the end of the week," said Tom Cross, X-Force
>| researcher at IBM Internet Security Systems. He added that
>| since the UPnP service is not universally enabled in the
>| corporate environment, "it is unlikely that this flaw will
>| result in a worm like Zotob".
> `----
>
> http://www.theinquirer.net/default.aspx?article=38860

Is this the same UPnP flaw that had the FBI giving warnings about XP
way back when it was firsted released? The same UPnP flaw that MS
patched a bunch of years ago, and I predicted at the time would be back
for another round of patches when they unpatched it to fix something
else that was broken?

Or is this another UPnP flaw that was created by patching something
that has been broken for a long time and wasn't discovered until more
recent times (more likely wasn't made *public* until recently, probably
been known for years)? A "new" flaw that will have the FBI giving new
warnings perhaps?

-- 
Microsoft: The company that made online banking dangerous.

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index