Serious Security Vulnerabilities in Outpost Firewall Pro & Lavasoft Personal Firewall

By Angsuman Chakraborty, Gaea News Network
Tuesday, July 18, 2006

Bipin Gautam has reported a vulnerability in Outpost Firewall Pro, which can be exploited by local users to cause a DoS (Denial of Service).

The vulnerability is caused by an unspecified error in the Virtual Firewall driver (filtnt.sys) and can be exploited to crash the system, e.g. by passing an overly long string as a command-line argument to mshta.exe.

The vulnerability has been reported in version 3.5.631. Other versions may also be affected.

The solution is to update to version 3.51.759.6511 (462) or later.

Ben Goulding has discovered a vulnerability in Lavasoft Personal Firewall, which can be exploited by local users to gain escalated privileges.

The vulnerability is caused by the application's windows running with SYSTEM privileges and the application not checking whether explorer.exe is running. This can be exploited to launch explorer.exe with SYSTEM privileges by terminating it and then using the “open folder” option in e.g. the “Shared Components” window.

The vulnerability has been confirmed in version 1.0.543.5722 (433). Other versions may also be affected.

The solution is to enable password protection.

(via Secunia)

It is scary when a firewall, whose job is to protect a computer against outside intrusions, is itself subject to security vulnerabilities like those above. However, it may be consoling to note that both vulnerabilities can be exploited only through an insider attack.
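A defender-side triage check for the two behaviours described above, run over constructed process-creation records; this is an added example, not code from Secunia or either vendor. The record fields, the sample events and the 2048-character threshold are assumptions (the advisory gives no length for "overly long").

```python
from dataclasses import dataclass

# Assumption: arbitrary triage threshold; the advisory does not state a length.
MSHTA_CMDLINE_LIMIT = 2048
SYSTEM_USERS = {"nt authority\\system", "system"}

@dataclass
class ProcEvent:
    image: str    # full path of the started process
    user: str     # account the process runs as
    cmdline: str  # full command line as logged

def basename(path):
    """Lower-cased file name of a Windows path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()

def triage(event):
    """Return the findings (possibly none) for one process-creation event."""
    findings = []
    name = basename(event.image)
    # A desktop shell owned by SYSTEM matches the Lavasoft privilege escalation.
    if name == "explorer.exe" and event.user.lower() in SYSTEM_USERS:
        findings.append("explorer.exe running as SYSTEM")
    # An unusually long mshta.exe command line matches the Outpost DoS trigger.
    if name == "mshta.exe" and len(event.cmdline) > MSHTA_CMDLINE_LIMIT:
        findings.append(f"mshta.exe command line of {len(event.cmdline)} chars")
    return findings

def scan(events):
    """Return (event index, finding) pairs for every flagged event."""
    return [(i, f) for i, e in enumerate(events) for f in triage(e)]

# Constructed sample records, not real telemetry; the long argument is
# filler sized only to exceed the threshold.
SAMPLE_EVENTS = [
    ProcEvent(r"C:\Windows\explorer.exe", r"WORKSTATION\alice", r"C:\Windows\explorer.exe"),
    ProcEvent(r"C:\Windows\explorer.exe", r"NT AUTHORITY\SYSTEM", r"C:\Windows\explorer.exe"),
    ProcEvent(r"C:\Windows\System32\mshta.exe", r"WORKSTATION\alice", r"mshta.exe C:\apps\help.hta"),
    ProcEvent(r"C:\Windows\System32\mshta.exe", r"WORKSTATION\alice", "mshta.exe " + "A" * 5000),
]

if __name__ == "__main__":
    for index, finding in scan(SAMPLE_EVENTS):
        print(f"event {index}: {finding}")
```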
