Description: This update resolves a privately reported vulnerability in the way certain Windows Internet Protocol Security (IPsec) rules are applied. This vulnerability could cause systems to ignore IPsec policies and transmit network traffic in clear text. This, in turn, would disclose information intended to be encrypted on the network. An attacker viewing the traffic on the network would be able to view and possibly modify the contents of the traffic. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly. It could be used to collect useful information to try to further compromise the affected system or network. The security update addresses the vulnerability by ensuring that IPsec rules are processed appropriately.

Update type: Important

Release date: August 12, 2008

Applies to: All

Knowledge base: support.microsoft.com/kb/953733

Download link: 32-bit | 64-bit

Comments: Here are the specifics on the vulnerabilities covered by this update:

• IPsec Policy Information Disclosure Vulnerability - CVE-2008-2246