The release of an exploit that means a hacker, who happens to be on the same local area network, can knock over Windows Firewall on machines running XP has created a lot of publicity, despite being not much of a threat. By using the exploit, an attacker could disable Windows Firewall on a fully patched machine running Internet Connection Service (ICS).

ICS allows small businesses or home users to share an internet connection through a machine which acts as a hub. But with the advent of cheap routers few people need to use the service which, as nCircle points out, can be disabled quite easily without turning off Windows Firewall.

Turning off the firewalls of users removes barriers to potential attacks and the exploit would be more noteworthy if it worked remotely, which it doesn't. Attackers need to attack from inside the same LAN as potential victims, which greatly reduces the potential for mischief even when attacking basic home or small business networks.

As Secunia advises, the best approach to dealing with the problem (such as it is) is to find another way of sharing an internet connection.

Now, if you'll excuse me, I'm off to investigate reports that cows have stopped producing milk in Somerset as the result of an IE exploit or possibly generated the influx of whiskey-loving Romanian witches. ®

Related stories

• Security site knocks spots off Mac OS X Leopard firewall (2 November 2007)
• The spy - or thief - in your pocket (16 November 2006)
• Developers cry foul over Windows kernel security (28 July 2006)
• Vista bad news for anti-spyware market? (11 May 2006)
• MS plugs weak XP firewall (17 December 2004)
• MS bigs up Windows XP SP2 (24 March 2004)