In association with heise online

25 January 2008, 15:43

Microsoft updates Security Bulletin from last Patchday

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Microsoft has updated its Security Bulletin MS08-001 on the security vulnerabilities in the TCP/IP stack in Windows. The revised bulletin states that Windows Small Business Server 2003 Service Pack 2 is also affected. The Microsoft tools for detecting and deploying the updates are already offering the correct update for the product.

The vulnerabilities allowed specially prepared IGMPv3-, MLDv2 and fragmented RDP routing packets to remotely infiltrate and execute code in a computer. However, an attack on a system running Windows 2000 SP4 would only be able to put the system out of action. The same was true for a vulnerability in the Router Discovery, which is disabled by default. Attackers could normally only exploit the vulnerabilities in a local network, since firewalls generally block the protocols in question.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit