A security hole exists in Universal Plug and Play (UPnP). When abused, there is a possibility of an external person performing a wicked code, capturing a network, or devising a service refusal (DoS) attack. Since the UPnP function is effective by the default, Windows® XP needs to apply a patch immediately. The user of Windows® 98/98 Second Edition/Me needs a patch only when the UPnP function is being used.
Download the patch program from this page. Unchecked Buffer in Universal Plug and Play can Lead to System Compromise.