Submit Your Site for Free!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

WindowsDailyNews
SearchNewz
SEOarticles









Windows OneCare Firewall Hole

By Nathan Weinberg
Expert Author
Article Date: 2006-02-01

News.com reports that the firewall in the Windows OneCare beta comes with blanket default rules for the Java Virtual Machine, creating a security hole that would be a major exploit point if OneCare were in wide use.

As is, its something that needs to be changed by the time the product goes gold.

Like any blanket security-bypass rule, these default settings are a bad idea, said Mark Curphey, vice president at vulnerability management specialist Foundstone, a part of McAfee.

"Any firewall, any security device should have a default deny," Curphey said in an interview Tuesday. "Any door should always be closed."

Note the company the "source" works for. Not to say he isn't right, although my install of OneCare has no rules for the VM, as I don't have one installed. Just that a reporter can find a better primary source than a VP at a competitor.
About the Author:
Nathan Weinberg writes the popular InsideGoogle blog, offering the latest news and insights about Google and search engines.

Visit the InsideGoogle blog.


Newsletter Archive | Article Archive | Submit Article | Advertising Information | About Us | Contact

WindowsDailyNews is an iEntry, Inc. ® publication - All Rights Reserved Privacy Policy and Legal