FBI’s National Infrastructure Protection Center (NIPC) said Micro...
FBI’s National Infrastructure Protection Center (NIPC) said Microsoft patch designed to fix vulnerabilities in Windows XP universal plug-and-play (UPnP) system was in fact sufficient to curtail threats. After NIPC issued warning about vulnerability Dec. 21, urging users to apply…
Sign up for a free preview to unlock the rest of this article
If your job depends on informed compliance, you need International Trade Today. Delivered every business day and available any time online, only International Trade Today helps you stay current on the increasingly complex international trade regulatory environment.
patch, next day it made more recommendations to minimize risks from vulnerability, which it said could lead to denial of service attacks or other system compromises. UPnP vulnerability also is present in Windows Millennium Edition, Windows 98 and Windows 98SE. NIPC said it, along with federally funded CERT Coordination Center (CERT/CC), examined technical material provided by Microsoft and determined patch was effective. “Although neither NIPC nor CERT/CC has actually laboratory tested the patch, we are satisfied that it corrects the problem that could lead to system compromise and affords substantial and adequate protection from the UPnP vulnerability that could lead to denial of service attacks,” NIPC said. Its Dec. 22 warning recommended that users manually disable UPnP service if it wasn’t being used, in addition to installing patch.