Xbox Series X Updates include IDP Threat

jayd691 · Jul 5, 2021

I began having issues with my Xbox Series X constantly getting errors when system updates were attempted both automatically and manually. Nothing worked as far as resetting console, which led me to investigate possibility of some anomaly in the network potentially causing the issue.

What I found was that my firewall was blocking the system update as it includes a known Intrusion Detection threat, Microsoft Office BMP Header biClrUsed Integer Overflow (https://nvd.nist.gov/vuln/detail/CVE-2009-2518).

This only came about 2-3 months ago (March/April 2021) and has been existent ever since. There is not one system update that will complete without allowing this vulnerabilty to be passed through the firewall, which is not recommended.

Does Microsoft know if is pushing a known threat in its updates, and why are they allowing this? Or is this by design to extract more data from the xbox series x users?

Whatever the reason, Microsoft should correct this immediately, and cease to potentially infect its customers networks with threats and bugs.

Please let me now how this will be / can be resolved.

:)

Farscape247

never had these issues EVER, never had to forward ports or close antivirus for updates. neither has anyone else i know, i have used many many different routers and have never had to do anything like that. updates to any device should not require any consumer/customer to have to change anything. if it is triggering a warning then the company is doing it wrong

Farscape247

how does what you have stated have absolutely anything to do with the OP statement, he is on about detecting a known threat which has absolutely nothing to do with ports.

The firewall is blocking this threat from passing though, and in this day and age you should not have to port forward anything.

ngocphi

Here is info on your threat

https://www.fortiguard.com/encyclopedia/ips/17813

It's to do with office documents

Xbox nor the insiders program tun office or any windows executibles

So pray tell what part of insiders os does it have anything to do with ms office

Insiders os Is a beta as such and as you agreed to let ms record bug data as part of the insiders program or any betas

ngocphi

You'll are mistaking an major factor

You forget that YOU signed up for insiders program.?

Since YOU havr a two way firewall

Your firewall is reporting a false positive

Because your firewall is detecting xbox update Sinceyou aren't allowing it

It is blocked

It's detecting incoming and outgoing requests not software updates and thinks ita an attack

You need to allow feedback

As per the insiders program requirement

How else do you think it sends crash data and what happens to the os that is the purpose of the insiders program and ANY beta

Si pray tell how do you expect to install your games if you are blocking all update traffic which will include day 1 updates

Are you forgetting that insiders is a two way program ?

You need to let ms see what causes bugs and crashes

Since you cannot download the insiders update separately how wouldn't it be legitimate

And fyi why else would there be a port article about having your xbox in allowed

Insiders os are used by millions

And provide valuable feedback on crashes

Xbox one if not on insiders.don't require two way feedback

Insiders consoles do as per the insiders aggreement

Fyi regedit /xboxinsidersfor all insiders program issues

So explain to me.

How an computer virus based off of office and windows os is in a sandboxed os

That does NOT run exes nor has ms office ?

Keep.in mind it's running hypervisor

So.each os is.a different VM

You cannot run Windows programs or malware

Html5 is the only external .programs and even then they are sandboxed

If you wanna know why your firewall is reporting a false positive ask the support from your firewall

It's easy ita a two way firewall and since the os doesn't have exes

You can't run external programs

Their solution make an exception

ngocphi

Because your firewall is strict do you not understand how firewalls work ?

How do you think updates come ? Not by some magic

It comes thru your ports

Udp is a portand since your router is blocking the ports

That ONLY games uses for updates

Here is an article kn how to do updates

One very common reason for a false positive here is your antivirus being outdated. You should update the program and then run it again. If you still keep getting false positives, you might like to switch to another antivirus program.

https://whatt.org › Tech

What Exactly is IDP.Generic? | WHATT.ORG

Why in heaven's name would you use a enterprise firewall with a gaming device

As previously mentioned you will run into issues with pc and multiple games because your firewall is strict

I used to use blackice myself till mine was outdated

It also applies to gaming

See farscape enterprise firewall not consumer one

Firewalls are designed to watch ports and an enterprise grade firewall is a two way firewall you are blocking it on both sides

You are going to get a lot of false positives think about it

An update that is from ms not some unknown company thru ports that are normally open

And apparently you didnt read the insiders program

They collect data for a specific reason to find bugs

They need to know what's going on with the os when it crashed xbox updates you agree to this when you sign up for the insiders program

You didn't think they don't want to know what caused a bug did you ?

As you noted it blocks xbox updates

What's going to happen when your series x game needs a day 1 patch ? Since you are blocking the update ports you can't install

Two.way firewalls will block anything till you allow it

Firewalls don't watch software they watch ports that's it with a 2 way firewall it's incoming and outgoing

That means a lot of false positives since you are required to allow or disallow connections

Not exactly the best solution for gaming

Xbox Series X Updates include IDP Threat