Is CMF necessary after VISTA SP1 and XP SP3

Andreas · February 6, 2008, 12:11am

I read in pc magazines that Microsoft will protects against buffer overflow after SP1 for Vista and SP3 for XP.

So, will we need CMF after this service packs?

Andreas

system · February 6, 2008, 12:37am

Does Windows Firewall protect U ? (:WIN) So I think the answer is clear. Yes. I will sure keep it. :SMLR

asker · March 9, 2008, 3:52pm

I have a feeling your answer is an amateour’s one. Vista is able to stealth all the ports, unlike some of the other third-party firewalls so it is actually good. I suppose it does not pass some of the leaks, but so does not many others. I think vista is a good firewall, but there are stronger firewalls on the market like comodo, zonealarm, outpost, jetico, and others, so it is not fair to say it does not protects you from BO, just like that in a snap, especially if pcmag says contrary. Sorry for being harsh, but so were you. We need to take in consideration that NSA worked along with microsoft to fortify their security so I would say it is pretty strong.

system · March 9, 2008, 9:53pm

So how come Windows Firewall always score 0 points ? And yes - I am an armateur, but not a noob (at least not in Windows) Maybe you can tweak Windows firewall to be much more powerfull, but I wouldn’t bother.

And again - Vista SP1 does not protect you from buffer overflows as good as CMF. Fullstop. Period. ;D

P.S. NSA could do a lot better then ;D
P.S.P.S I’m don’t want to be harsh, and I’m not trying to be. My answers can be a little stupid and not fluent, because of my poor English. So guys if offended someone - I’m really sorry. :-[ Forgive me and point out my mistakes please :a0

Ragwing · March 9, 2008, 9:56pm

Because leaktests only test outbound protection.

CMF protects against buffer overflows in the STACK and HEAP memory, and also against ret2libc attacks and corrupted SEH Chains. Will Vista SP1 and XP SP3 protect against these kind of attacks?

Cheers,
Ragwing

system · March 9, 2008, 10:00pm

That’s what I’m trying to say. A firewall without an outbound protection is useless (to me)

asker · March 10, 2008, 9:56am

Hi Commodus
Vista firewall is only inbound just by default, but you can change that in advanced options, and than it analyzes also outbound traffic. By the way, you did not offend me, but it is good to hear your did not want to. Often we do not understand each other and so it easily comes to offending someone unintentially.
I really do not know if vista sp1 will protect agains buffer overflow anyway. I suppose when it comes out publicaly, we shall read about that topic in some forums or magazines, but till than I will be using CMF onward.
cheers

system · March 10, 2008, 10:30am

Glad to hear we’re in peace O0 (Bob Marley)

Didn’t knew the outbound thing (so thanks for that) in Windows Firewall, but again I won’t try it anyway, cos Comodo is much more superior

panic · March 10, 2008, 10:31am

From what I can find out, Vista SP1 and XP SP3 are targetting BO vulnerabilities in specific system libraries, rather than monitoring and protecting invalid buffer executions system wide. If this is correct, the CMF would still be desirable (preferable).

Ewen

goodbrazer · March 10, 2008, 12:23pm

This explains some things… Glad to find out more on this question.
Thanks Ewen :-TU

asker · March 10, 2008, 4:41pm

:■■■■

system · May 31, 2008, 9:22am

Locked.

Reason: Out-Dated post.

Josh