MSFN Forum: Microsoft fixes gaping hole in Windows TCP/IP stack

Jump to content






Icon Latest News Comments


Icon MSFN Statistics

  • Total Posts 802200
  • Total Members 102139
  • Newest Member dvnamis 
  • Online At Once Record 17869
  • Online Now: 3074



    Icon Recommended Sites

    AskVG.com Bink Filehorse FreewareFiles IT Magazine lunarsoft Where unprofessional journalism looks better OSNN TechLog The Windows Club WinBeta

Microsoft fixes gaping hole in Windows TCP/IP stack -----

Posted on Nov 09 2011 05:49 AM by xper  in Security | Viewed 4561 Times

Microsoft has released its November batch of security bulletins with fixes for at least four documented vulnerabilities affecting the Windows operating system. The updates address remote code execution and denial-of-service issues in all versions of Windows and Microsoft is urging its user base to pay special attention to MS11-083, which covers a gaping hole in the Windows TCP/IP stack.

The raw details:

A remote code execution vulnerability exists in the Windows TCP/IP stack due to the processing of a continuous flow of specially crafted UDP packets. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

Because of the “critical” nature of this update, Microsoft is urging Windows users and administrators to treat MS11-083 with the utmost priority.

The company also fixed a serious vulnerability in Windows Mail that exposes users to hacker attacks via the Web browser.

Some basic details via the MS11-085 bulletin:

The vulnerability could allow remote code execution if a user opens a legitimate file (such as an .eml or .wcinv file) that is located in the same network directory as a specially crafted dynamic link library (DLL) file. Then, while opening the legitimate file, Windows Mail or Windows Meeting Space could attempt to load the DLL file and execute any code it contained. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a legitimate file (such as an .eml or .wcinv file) from this location that is then loaded by a vulnerable application.

Microsoft expects to see functional exploit code for this vulnerability within the next 30 days.

The November Patch Tuesday batch also contains fixes for a privilege escalation flaw in Active Directory (MS11-086) and a vulnerability in Windows kernel mode drivers (MS11-084) that could allow denial-of-service attacks.

Source: ZDNet




2 Comments

Page 1 of 1

the xt guy 

11 November 2011 - 01:51 PM
Windows XP is "unaffected software" for 3 of the 4 vulnerabilities listed above (including the "gaping hole" in the TCP/IP stack) while Vista, Windows 7 and Server 2008 all are vulnerable.

erpdude8 

14 November 2011 - 01:41 PM
@the xt guy: Windows Server 2003 is also not affected by the recent TCP/IP security hole mentioned in security bulletin MS11-083 and some other security holes mentioned in security bulletins MS11-084 & MS11-085.
You do not have permission to leave comments on this article
Page 1 of 1



All trademarks mentioned on this page are the property of their respective owners
Copyright © 2001 - 2013 msfn.org
Privacy Policy