arcana imperii :: the book of j


windows (TCP/IP) remote attack vulnerability

microsoft issued on wednesday [18 may] a prepatch advisory to counter the publication of exploit code for a newly discovered vulnerability in its implementation of tcp/ip. the redmond, washington, company's confirmation of the flaw is the first public test of the software giant's new security advisories pilot project, which is meant to provide instant feedback, guidance and mitigations when third-party researchers release vulnerability details and exploits before a patch is available.

in this case, microsoft corp.'s security advisory 899480 comes 24 hours after an alert with accompanying exploit code was published by frsirt (french security incident response team), a private research outfit. «various tcp implementations could allow a remote attacker to set arbitrary timer values for a tcp connection. an attacker who successfully exploited this vulnerability could cause the affected system to reset existing tcp connections. those connections would have to be re-established for communication to continue», said microsoft in its advisory.

[complete] via neowin via eWeek.