It seems a lot of systems have UPNP open improperly to the outside. This should never have been allowed, and is a major issue. This is an easy test, written by Steve Gibson, where his site checks to see if you are vulnerable: http://www.grc.com/default.htm Under Services, go to ShieldsUp!, click Proceed then the UPnP exposure test. If it's exposed to the Internet, then the entire internal network is at risk. It will accept pretty much any command without authentication, including opening ports etc.