Article ID: 897663 - View products that this article applies to.
Technical update, August 31, 2005Microsoft has released a Microsoft Security Advisory about this issue for IT Professionals. The security advisory contains additional security-related information about this issue. To view the security advisory, visit the following Microsoft Web site:
If you create an exception by modifying the registry on a computer that is running Microsoft Windows XP Service Pack 2 (SP2) or Microsoft Windows Server 2003 Service Pack 1 (SP1), the exception may not show up in the Windows Firewall graphical user interface.
This behavior occurs if you do not specify a name when you add an exception by modifying the registry key. For example, this behavior occurs if you add a port to the registry and then set the registry value to 12345:TCP:*:Enabled. This value opens the TCP port 12345. However, the Windows Firewall graphical user interface does not show this port because the registry value does not contain a name. The following value is the correct value:
To resolve this issue in Windows XP Service Pack 2, install Update for Windows XP (KB897663). This update will make sure that a firewall exception created through the registry is listed in the Windows Firewall interface the same as if the exception was created in the interface itself. To download and install Update for Windows XP (KB897663), visit the following Web site:
PrerequisitesBecause of file dependencies, this update requires Windows XP Service Pack 2.
For more information, click the following article number to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/322389/ )How to obtain the latest Windows XP service pack
Restart requirementYou do not have to restart the computer after you apply this software update.
File informationThe English version of this update has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.
Date Time Version Size File name -------------------------------------------------------------- 04-Aug-2005 01:44 5.1.2600.2732 80,896 Firewall.cpl
To work around this behavior use one of the following methods.
Method 1: Append a name to the registry valueTo work around this behavior, append a name to the registry value. For example, change 12345:TCP:*:Enabled to 12345:TCP:*:Enabled:exception name.
Method 2: Use the netsh firewall commandTo work around this behavior, you can see the exceptions that you have created in the registry by using the netsh firewall command. To do this, follow these steps:
For more information about how to configure Windows Firewall, visit the following Microsoft Web sites.
Windows Firewall Operations Guide
Manually Configuring Windows Firewall in Windows XP Service Pack 2
http://technet.microsoft.com/en-us/library/bb877979.aspxFor more information about how to troubleshoot Windows Firewall settings, click the following article number to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/875357/ )Troubleshooting Windows Firewall settings in Windows XP Service Pack 2
(http://go.microsoft.com/fwlink/?LinkId=151500)for other considerations.