1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar

Vulnerability protection

Windows TCP/IP vulnerability could allow remote code execution

Report ID: MS201111001
Date Published: 10 November 2011

Criticality: Critical
Compromise Type: remote-code-execution
Compromise From: remote

Affected Product/Component:

Windows Vista
Windows Server 2008
Windows 7
Windows Server 2008 R2


A vulnerability in Windows TCP/IP stack could be exploited by an a remote attacker to run arbitrary code in kernel mode.

Detailed Description

Microsoft has issued a security update to address a vulnerability in Windows TCP/IP stack. The vulnerability is caused by an integer overflow, which results from processing a continuous flow of maliciously crafted UDP packet.

Upon successful exploit, an attacker could be able to execute arbitrary code in kernel mode and take complete control of the affected system.

A security patch for this vulnerability has been released, introducing modification on the way that Windows TCP/IP stack keeps track of UDP packets within memory. Users are recommended to install this latest patch to protect their system from potential exploit.

CVE Reference



Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms11-083)

Online Virus Scanner

Run a quick online virus scan of your computer.