Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Vulnerability protection

Microsoft Kerberos vulnerability could allow denial of service


Report ID: MS201210006
Date Published: 10 October 2012

Criticality: Important
Compromise Type: denial-of-service
Compromise From: remote


Affected Product/Component:

Windows 7
Windows Server 2008 R2




Summary

A vulnerability involving Microsoft Kerberos implementation could be exploited into causing a system to stop responding and restart.



Detailed Description

Microsoft has released a security update to address a vulnerability that exists when Microsoft Kerberos implementation fails to properly handle a specially crafted session. Upon successful exploitation, an attacker could cause the system to stop responding and restart.

This vulnerability issue has been resolved through the latest update, which introduces a correction in the way that Microsoft Kerberos implementation handles a session. Users are recommended to install the update as a protection against potential exploit attemtps.



CVE Reference

CVE-2012-2551



Solution

Install the latest security patch for applicable system, available for download from (http://technet.microsoft.com/en-us/security/bulletin/ms12-069)




Security Advisories

For a list of known vulnerabilities affecting F-Secure products and the released fixes, please refer to the Security Advisories page.