ITsVISTA
Information that makes life easier when it comes to installing, managing, and using Windows Vista.
Start About FAQ Blogroll Shop
TS1085647 KB953395

ITsVISTA KB-Link: KB952131

June 26th, 2008 · Leave a Comment · 103 views
Tags: ,

Piggybacked data on a TCP Acknowledgement (ACK) package may bypass the WFP inspection process in Windows Vista

The TCP protocol uses a three-way handshake to establish a TCP connection. The last interaction in the three-way handshake is a TCP Acknowledgement (ACK) package. However, in Windows Vista, the Windows Filtering Platform (WFP) inspection occurs only after the three-way handshake is completed. Therefore, any data that is piggybacked on the ACK package may bypass the WFP inspection process.

Note: A payload can legitimately piggyback on the ACK package.

This issue affects socket applications that use NetBIOS communication on a Windows Vista-based computer.

There is a download that resolves this issue. See Hotfixes for details.
32-bit Download: Windows6.0-KB952131-x86.msu
64-Bit Download: Windows6.0-KB952131-x64.msu

For more information on this issue, including potential causes, workarounds, and resolutions, see: Microsoft KB Article KB952131.

Get notified of new posts for FREE via RSS or E-mail

Subscribe to ITsVISTA!

Digg Digg | Add to Mixx! Mixx | Netscape Propeller | Slashdot Slashdot | Stumble Stumble

Related Posts

Comments

  • There are no comments yet...Come on, share your thoughts!

Leave a Comment

TS1085647 KB953395