Windows TCP/IP vulnerability could allow remote code execution
Report ID: MS201111001
Date Published: 10 November 2011
Criticality: Critical
Compromise Type: remote-code-execution
Compromise From: remote
Affected Product/Component:
Windows Vista
Windows Server 2008
Windows 7
Windows Server 2008 R2
Summary
A vulnerability in the Windows TCP/IP stack could be exploited by a remote attacker to run arbitrary code in kernel mode.
Detailed Description
Microsoft has issued a security update to address a vulnerability in the Windows TCP/IP stack. The vulnerability is caused by an integer overflow that occurs while processing a continuous flow of maliciously crafted UDP packets.
Upon successful exploitation, an attacker could execute arbitrary code in kernel mode and take complete control of the affected system.
A security patch for this vulnerability has been released; it modifies the way the Windows TCP/IP stack keeps track of UDP packets within memory. Users are advised to install this latest patch to protect their systems from potential exploitation.
CVE Reference
CVE-2011-2013
Solution
Install the latest security patch for the applicable system, available for download from https://technet.microsoft.com/en-us/security/bulletin/ms11-083




