Vulnerability in IPSec Could Allow Denial of Service
|Date Published:||16 November 2015|
|Compromise Type:||Denial of service (DoS)|
Windows 8 and Windows 8.1 |
Windows Server 2012 and Windows Server 2012 R2
Windows RT and Windows RT 8.1
Microsoft has released a security update to address a reported vulnerability involving Internet Protocol Security (IPSec). The vulnerability was caused by improper handling of encryption negotiation, and could be exploited to cause an affected system to become unresponsive. In order to exploit it, the attacker must posses valid credentials.
Install the latest security patch for applicable systems, available for download from https://technet.microsoft.com/en-us/library/security/MS15-120