What are the system security vulnerabilities? Teach you one by one

The system naturally has a lot of security holes, but we usually have patches, but some security vulnerabilities we still have to identify. Although many computer users now change their operating system to the latest WINXP system, even if it is the latest Windows system, there are still many security risks, so how to ensure your system security?

Let's take a look at the security vulnerabilities in the Windows family and how to block these vulnerabilities?

1. Fast User Switching Vulnerabilities

The Windows XP Fast User Switching feature has vulnerabilities when you Click “Start”/“Logout”/“Switch User”Start Fast User Switching, and when you retry to log in to a username under the traditional login method, the system will mistakenly believe that there is a violent guessing attack. All non-admin accounts will be locked.

Security Countermeasures: Click Control Panel/User Account/Change User Login or Logout Mode to cancel “Use Fast User Switching to disable user fast switching.

2, UPnP service vulnerability

UPnp is a relatively advanced technology, already included in WindowsXP, this is a good thing, but it has caused trouble, because UPnp will bring some Security breach. Hackers can exploit this type of vulnerability to gain full control of other PCs or launch DOS attacks. If he knows the IP address of a certain PC, he can control the PC through the Internet, even in the same network, even if he does not know the IP address of the PC, he can control the PC. Specifically, the UPnP service can cause the following two security vulnerabilities:

(1) Buffer Overflow Vulnerability

There is a buffer overflow problem in UPnP. When processing the Location field in the NOTIFY command, a buffer overflow occurs if the IP address, port, and file name portion are too long. The vulnerability is discovered and notified to eEye Digital Security, the most serious buffer overflow vulnerability in Windows history. Because the UPnP service runs in the context of the system, the vulnerability can be exploited by hackers to conduct Dos attacks. A high-level hacker can even control another person's computer, take over the user's computer, and view or delete files. More serious is that the server program listens to broadcast and multicast interfaces, so that an attacker can attack multiple machines at the same time without knowing the IP address of a single host.

Security Countermeasures: Since Windows XP has the UPnP (Universal Plug and Play) feature enabled, all WinXP users should install the patch immediately; WinME users only need it if they are running UPnP. Patch, because WindowsME's UPnP function is turned off during installation; as for Win98, since there is no UPnP in it, you only need to use the patch if you have UPnP installed by yourself. You can download the patch from Microsoft's website.

(2) UDP and UDP spoofing attacks The system running the UPnP service is also very easy, as long as a UDP packet is sent to the system's 1900 port, where the address of the "LOCA-TION" domain points to another system. The Chargen port may cause the system to enter an infinite connection loop, which will cause the system CPU to be 100% occupied and unable to provide normal service. In addition, an attacker who sends a fake UDP packet to a network with many XP hosts may also force these XP hosts to attack the specified host.

Security Countermeasures: Click XP's Control Panel/Administrative Tools/Services, double-click the “UniversalPlugandPlayDeviceHost” service, and select “Don't be disabled” in the startup type to close the UPnP service.

If you don't want to disable the UPnP service to block such security vulnerabilities, you can download and install the corresponding patch from Microsoft's website; or set up a firewall to block the connection of the external network packets to port 1900.