Vulnerability Protection

Vulnerability in IPSec Could Allow Denial of Service


A vulnerability involving IPSec in Windows could, if successfully exploited, cause an affected system to become unresponsive. 

Detailed Description

Microsoft has released a security update to address a reported vulnerability involving Internet Protocol Security (IPSec). The vulnerability was caused by improper handling of encryption negotiation, and could be exploited to cause an affected system to become unresponsive. In order to exploit it, the attacker must posses valid credentials. 

CVE Reference

  • CVE-2015-6111


Install the latest security patch for applicable systems, available for download from


Microsoft Security Bulletin MS15-120

Get Support

For documentation and product support, visit our support site.

Go Support

F-Secure Community

Give advice. Get advice. Share the knowledge on our free discussion forum.

Go Community