[Infowarrior] - Microsoft Patches Critical Windows TCP Flaw

Richard Forno rforno at infowarrior.org
Wed Jan 9 02:09:55 UTC 2008



Microsoft Patches Critical Windows TCP Flaw
Tuesday, January 8th 2008 @ 11:50 AM PST

Microsoft has published a security bulletin warning of a critical
vulnerability in Windows 2000/XP/Vista that could enable attackers to
control - or destroy - a system.

Microsoft has issued a new security bulletin warning users of a critical
vulnerability in the TCP software built into Windows 2000, Windows Server
2003, Windows XP, and Windows Vista that could enable attackers to take over
or destroy the computers. The TCP/IP protocol is one of the fundamental
building blocks of Internet services; the vulnerability has to do with the
way Windows processes ICMP and multicast requests.

The vulnerabilities were discovered and reported privately to Microsoft from
Alex Wheeler and Ryan Smith of the IBM Internet Security Systems X-Force.

Microsoft has released a patch via Microsoft Update that changes the way the
Windows kernel processes TCP multicast and ICMP requests. Due to the
enormous number of systems worldwide exposed to this vulnerability and the
potential threat it brings, Microsoft is recommending Windows users apply
the patch as soon as possible.

http://news.digitaltrends.com/news/story/15368/printer_friendly/microsoft_pa
tches_critical_windows_tcp_flaw




More information about the Infowarrior mailing list