FNAL Critical Vulnerability Patch By: November 23, 2011 Product: Microsoft Windows - Vulnerability in TCP/IP Could Allow Remote Code Execution (MS11-083) Platform: Microsoft Vista SP2 (32 & 64 bit), Windows Server 2008 SP2 (32 & 64 bit), Windows 7 SP1 (32 & 64 bit), Windows Server 2008 R2 (x64 and Itanium) Host Remediation: Windows machines should apply Microsoft patch MS11-083 (part of the November 2011 patch bundle). Use a Desktop firewall with a default deny policy, if possible. FNAL Site Actions: Force deadline for patch MS11-083 to be early morning November 23rd. A vulnerability has been reported and patched by Microsoft affecting how Windows references connections to closed ports. An attacker may craft a large number of UDP packets to a host, possibly resulting in remote code execution or a denial of service. FNAL Computer Security cannot implement a border block, as this attack requires crafted packets sent in large quantity to any closed port on a Windows system. While this is attack is difficult due to a lack of consistency in operating system behavior, all affected Windows systems* must be patched by Wednesday, November 23rd, 2011. This date may be moved sooner if required. Microsoft reference URL: http://technet.microsoft.com/en-us/security/bulletin/ms11-083 * Please see above for affected systems. Windows XP SP3 and Windows Server 2003 SP2 are not affected. |
For
assistance contact servicedesk@fnal.gov.
Information compiled and maintained by Computer Security Team ; last modified on Nov 11, 2011. (Address comments about page to the Computer Security Team.) |