Start
About
FAQ
Blogroll
ShopVulnerabilities in Windows TCP/IP Could Allow Remote Code Execution
Description: This critical security update resolves two privately reported vulnerabilities in Transmission Control Protocol/Internet Protocol (TCP/IP) processing. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Update type: Critical
Release date: January 8, 2008
Applies to: All versions
Knowledge base: support.microsoft.com/kb/941644
Download link: 32-bit | 64-bit
Comments: A remote code execution vulnerability exists in the Windows kernel due to the way that the Windows kernel handles TCP/IP structures storing the state of IGMPv3 and MLDv2 queries. Supported editions of Microsoft Windows XP, Windows Server 2003, and Windows Vista all support IGMPv3. In addition to IGMPv3, Windows Vista supports MDLv2, which adds multicast support for IPv6 networks. An anonymous attacker could exploit the vulnerability by sending specially crafted IGMPv3 and MLDv2 packets to a computer over the network. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
To view this vulnerability as a standard entry in the Common Vulnerabilities and Exposures list, see CVE-2007-0069.
For more information on this issue, including potential causes, workarounds, and resolutions, see: Microsoft KB Article KB941644.
Digg
Mixx
Propeller
Slashdot
Stumble
Tips and Tricks
Windows Updates
Hotfixes
Keyboard Shortcuts
Vista's Services
Vista's Commands
Product Reviews
Glossary
Videos
Web Links
Comments
Lost Drive Blog » Critical Update for Windows Vista: KB941644
Jan 8, 2008 at 9:04 pm
[...] unknown: [...]
k.s.reddy
Jan 9, 2008 at 3:29 am
This is an excellent update. You can protect your computer by installing this update, so that no body can gain control over your system via TCP/IP.
Hank
Jan 9, 2008 at 2:26 pm
Can’t install update KB941644. I installed KB943411 & 905866 today but 941644 will not install. I also cleaned our the windows directories Microsoft suggested
Joe
Jan 13, 2008 at 12:06 pm
@Hank: Any luck getting it installed yet?
Hank
Jan 14, 2008 at 6:15 am
Yes. I deleted windows\softwaredistribution directory and downloaded each fix for KB941644, 943302 & 943899 manually and installed them separately. That worked but when I list all the uodates I ever applied they do not show up, If I try an AutoUpdate check they appear as uninstalled. I have hidden them
Hank
Jan 14, 2008 at 12:47 pm
Apparently I was wrong. I tried again to update fix 943302 and it appears as successful twice but does not show up in the “installed updates” screen
Leave a Comment