| By Susan Bradley |
For the average Windows user, the topic of networking ports is often confusing — and easily ignored.
But November’s Patch Tuesday includes a critical patch for Vista and Windows 7 users — for an unusual networking-protocol vulnerability.
TCP/IP vulnerability threatens Vista and Win7
Generally, Windows XP users face more security risks than Vista or Win7 users. But this Patch Tuesday is light for anyone running Windows XP or Windows Server 2003. Vista and Windows 7 users, however, need to apply this patch as soon as possible to fend off a potentially nasty threat.
In almost all computer operating systems, networking communications are handled though TCP/IP ports. There are 65,535 ports in a modern OS, and if you’ve poked around the common home/small-business firewall, you’ve seen references to two types of ports: TCP and UDP. TCP ports are used for such things as websites and e-mail. UDP ports are used when a transmission doesn’t need to have confirmation that a packet has arrived at its destination. In home networks, UDP (definition) ports are used mostly for online gaming. For example, the Xbox needs UDP ports 88 and 3074 to connect properly with the Xbox Live service.
Normally, a port is closed when there are no system services using it (or listening to it) — and your system is protected from outside attacks. In this vulnerability, however, a closed port can be circumvented if an attacker sends a large amount of specially crafted UDP packets.
Now, before you yank your Internet connection out of the wall, keep in mind that there is normally a firewall between you and the outside world. You are more vulnerable if you have manually opened any UDP ports on your external firewall or if there are ports closed but waiting for applications to use them.