Windows firewall may allow reinfection

An infected computer with Windows Fiewall may be left with unsecured network ports, allowing reinfection by internet worms, even after the infection has been cleaned up:

http://www.spywareinfo.com/newsletter/archives/2005/oct27.php#winfirewall

Thaks god I haven’t stayed with Windows Firewall, as I was ready to do it. ;D

Hi FwF,

The question pops up then. What to do about this? In the coming future Microsoft anti-spyware will be on all of their platforms. Will their firewall also come in as a standard? I see a lot of software firewalls phasing out or being bought up. Not essentialy a bad thing, but we should hold a finger to the pulse. Thank you FwF for getting this across?

greets,

your anti-malware friend

polonus

In my opinion, Windows firewall should be improved continiously, not only with SP. As it’s still the same, which come with SP2. No more updates were made for it till now. I think Microsoft should use their Windows Update site to update their Firewall, but it seems they don’t care about their customers safety. It’s only my opinion. :wink:

Even without this vulnerability, the windows firewall was seriously flawed. It never provided or attempted to provide full protection, effectively it was a stable door with one half of the door always open.

Unfortunately, the lack of outbound protection was never announced with the other marketing hype for XP, so inexperienced users thought they were protected when they were seriously compromised.

I’m not sure it is a case of MS not caring about their customers (although I could be wrong). Rather if they did provide a fully functional firewall, similar or the same as other 3rd party firewalls they may end up in another anti-trust battle. Not to mention put more 3rd party firewalls out of business. So they may just have been treading carefully to avoid this scenario.

As far as I’m aware Vista will have outbound protection in the firewall, if this will have advanced program functionality to stop leaking or bypassing the firewall remains to be seen. If it is a full blown firewall can you see MS giving it away or getting away with it on the anti-trust issue from the other 3rd party firewall companies? I guess we will have to wait and see.

effectively it was a stable door with one half of the door always open.

Now it seems that malware can build its own little invisible cat flap into the other half so it can always get back in without being noticed.

When somebody’s had an infection, I’ve always said ‘make sure you have Windows’ firewall activated, at least.’ Now it seems that’s not good enough: After an infection, only a third party firewall will guarantee protection.

Totally agree with you. :wink: And DavidR: I think it’s some true in your words… Microsoft will have touble if they’ll make complete firewall product. Again Microsoft’s monopoly… :-\

Only in America can you try to give something away and be sued by those who want to sell the same thing
for being a monopoly.
Why hasn’t AOL been sued for being a monopoly? Maybe it’s because AOL gives nothing away? ;D
Maybe I’m the only person that sees something seriously flawed in that scenario. ???

Because AOHell isn’t a monopoly, it’s just an ISP and there are hundreds of those. Yes it has a huge market share in America but MS windows has a huge market share in the world and the options are limited.

Hi bob3160,

Well this is true, and if an argument is true, I agree with this. Microsoft is not a monopolist, it produces a complete solution: platform, services and software. AOL is a different kettle of fish, we cannot compare apples with pears. But back to the real background of this. And in a way you will see I will defend Microsoft where it is good. Now my arguments.

In some software solutions we could say it wasn’t that lucky, things are slowly improving. Why they did not stick to the thing they were good at the NT basis for the platform XP? XP is a good and reliable product, you can make it very safe. Why they want to incorporate everything for themselves, I cannot seem to understand. The out of the box solution for every user is a misconception. Well the same goes for Norton, their total solution is very consuming. I had a customer for whom I removed it with the special removal tool to have avast installed. He had tried to do it on his own and they had been at it for 16 hours, and still there were traces of nav. So I hope they will steer away from this concept. Better is a good platform, and leave room for specialists to do their thing: firewall etc.

greets,

polonus