Communications > Security

Security firm predicts UPnP exploit by the end of the week

Batten down the hatches

By Paul Hales

Wednesday, 11 April 2007, 17:17

BOFFINS AT IBM SECURITY FIRM ISS scratched their crystal balls and announced that a vulnerability in Microsoft Windows' Universal Plug and Play (UPnP) technology would be exploited by the end of the week.

"We are taking this flaw very seriously and expect to see an exploit by the end of the week," said Tom Cross, X-Force researcher at IBM Internet Security Systems. He added that since the UPnP service is not universally enabled in the corporate environment, "it is unlikely that this flaw will result in a worm like Zotob".

He urged organisations to download the patch from Microsoft "as soon as possible".

Not particularly helpful, you may think since he'd just said that most corporates wouldn't have UPnP enabled. The INQ urges end users who have the technology enabled to download the patch too.

Especially since ISS reckons the flaw in the UPnP service is "easy to exploit, providing an attacker with complete control over the victim PC".

Microsoft yesterday issued a bunch of band aids for its holey software here. µ

EyeTV for Iphone Testing TV to go Friday, 16 October 2009, 15:08 PM Read more	Microsoft dumps a load of patches Big Patch Tuesday Wednesday, 14 October 2009, 10:09 AM Read more
Hackers release new attack code for Windows Beware the claws that rend Tuesday, 29 September 2009, 10:34 AM Read more	Trigger happy TV Living with the Sanyo Xacti HD1 Tuesday, 6 January 2009, 22:59 PM Read more
Microsoft warns of a security hole The Vole hasn't fixed it yet Tuesday, 7 July 2009, 09:36 AM Read more	Adobe Flash flaws exploited Attacked in the wild Thursday, 23 July 2009, 11:05 AM Read more

< Previous article| Next article >

Comments

There are no comments submitted yet. Do you have an interesting opinion? Then be the first to post a comment.

Most read
Most commented
Most popular

INQ Whitepapers

Will you be buying a new computer this Christmas?

Yes, a new computer will be under the tree

Yes, a netbook will fit my stocking nicely

No, but will be upgrading some components / building my own

No, my computer works fine if I change the oil often enough

Bah humbug, I'll wait for the January sales to decide

View other polls

©Incisive Media Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, is a company registered in the United Kingdom with company registration number 04038503

SEARCH :

Site Credentials:

Business & Technology websites:

Business research resources:

Products:

Investment Market IT websites:

Find out what you are worth:

Search for a job:

Recruitment Agency A-Z Directory: All
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Security firm predicts UPnP exploit by the end of the week

Share this:

Business Intelligence Software

Customer Relationship Management (CRM)

Enterprise Accounting Software

Enterprise Resource Planning (ERP)

Enterprise Systems Management

Channel Sales Account Mana

Excellent opportunity for a...

Read more

Client Manager EMEA

This is an international fi...

Read more

C# ASP.net Developer/Softw

Experienced C# ASP.net Soft...

Read more

Software Engineer

Our client is looking for a...

Read more

Web Developer, Web Develop

Excellent opportunity for a...

Read more