diff --git a/_alerts/2015-10-12-upnp-vulnerability.md b/_alerts/2015-10-12-upnp-vulnerability.md index a411c7c9..a4510784 100644 --- a/_alerts/2015-10-12-upnp-vulnerability.md +++ b/_alerts/2015-10-12-upnp-vulnerability.md 
@@ -16,29 +16,31 @@ bannerclass: "alert" Either - turn off the checkbox in the GUI under Options → Network → Map port using UPNP (see above) -- add `-upnp=0` to the command line options - add the line `upnp=0` to your `bitcoin.conf` file +- add `-upnp=0` to the command line options Alternatively, upgrade to a version of Bitcoin Core at least 0.10.3 or 0.11.1. -These versions upgrade the library to a non-vulnerable version, as well as have -upnp disabled by default to prevent this problem in the future. +These versions upgrade the library to a non-vulnerable version, as well as +disable UPnP by default to prevent this problem in the future. ## Details Version before 1.9.20151008 of the miniupnpc library are vulnerable to a buffer overflow in the XML parser during initial network discovery. The -vulnerable code triggers at startup of Bitcoin Core if upnp is enabled. +vulnerable code triggers at startup of Bitcoin Core if UPnP is enabled. Details of the vulnerability can be found here: http://talosintel.com/reports/TALOS-2015-0035/ -It has been verified that the vulnerability can be used to crash the application at startup. +It has been verified that the vulnerability can be used to crash the +application at startup by running a malicious UPnP server on the local +network. To have more connectable nodes, the Bitcoin Core executables distributed by -bitcoin.org include the library and have always had UPnP functionality enabled -by default. +bitcoin.org include the miniupnpc library and have always had UPnP +functionality enabled by default, to forward the P2P port. -This applies to the distributed executables only, not when building from source or -using distribution provided packages. Self-built executables have UPnP disabled +This applies to the distributed executables only, not those built from source or +from distribution provided packages. Self-built executables have UPnP disabled by default, unless `--enable-upnp-default` was provided to the configure script. 
Releases starting from 0.10.3 and 0.11.1, and the upcoming 0.12.0 will still ship
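Review bot: In the Details section, the unchanged context line "Version before 1.9.20151008 of the miniupnpc library are vulnerable" still has a singular subject with a plural verb, directly above a line this patch rewords. Since this is a wording cleanup, change it to "Versions before 1.9.20151008 ... are vulnerable" in the same commit. Two smaller points in the same vein: the rewritten line "from distribution provided packages" should be hyphenated as "distribution-provided packages", and the GUI bullet still reads "Map port using UPNP" while the rest of the prose is normalized to "UPnP", so either align it or confirm it mirrors the actual checkbox label. The added clause "by running a malicious UPnP server on the local network" usefully states the precondition for the crash. Because the paragraph describes a buffer overflow but only says a crash "has been verified", consider adding a sentence on whether impact beyond a crash was assessed, so readers can judge how urgently to apply the `upnp=0` workaround.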