Denial-of-Service Vulnerability in TCP Affects Windows
- By Scott Bekker
- May 19, 2005
Microsoft on Wednesday issued a security advisory to warn Windows users of a new denial of service vulnerability affecting TCP/IP.
The warning comes as part of a new pilot program, which Microsoft is using to acknowledge new security problems, provide workarounds and report progress in fixing flaws.
The TCP flaw allows a remote attacker to set arbitrary timer values for a TCP connection, creating a denial-of-service condition until TCP connections are re-established.
"We do not consider this to be a significant threat to the security of the Internet," Microsoft stated in the advisory. First among mitigating factors is that the flaw can only be used to create a denial of service; privilege elevation and code execution are not possible, according to Microsoft.
The flaw does not affect Windows 98/98 SE/ME. Changes made in Windows XP Service Pack 2, Windows Server 2003 Service Pack 1 and the MS05-019 security update eliminated the vulnerability.
Complicating the choice to apply MS05-019 are Microsoft's plans to rerelease MS05-019 in June to fix some problems it introduced with network connectivity in certain network configurations. The network connectivity problems are not related to the new TCP/IP flaws or the critical remote code execution flaw that the April bulletin was issued to patch.
For more information on the TCP security advisory and the MS05-019 rerelease, see Microsoft Security Advisory (899480).
Scott Bekker is editor in chief of Redmond Channel Partner magazine.