Information that makes life easier when it comes to installing, managing, and using Windows Vista.
Start About FAQ Blogroll Shop

ITsVISTA KB-Link: KB953733

Vulnerability in IPsec Policy Processing Could Allow Information Disclosure

UpdatesDescription: This update resolves a privately reported vulnerability in the way certain Windows Internet Protocol Security (IPsec) rules are applied. This vulnerability could cause systems to ignore IPsec policies and transmit network traffic in clear text. This, in turn, would disclose information intended to be encrypted on the network. An attacker viewing the traffic on the network would be able to view and possibly modify the contents of the traffic. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly. It could be used to collect useful information to try to further compromise the affected system or network. The security update addresses the vulnerability by ensuring that IPsec rules are processed appropriately.

Update type: Important

Release date: August 12, 2008

Applies to: All

Knowledge base:

Download link: 32-bit | 64-bit

Comments: Here are the specifics on the vulnerabilities covered by this update:

  • IPsec Policy Information Disclosure Vulnerability – CVE-2008-2246
There is a download that resolves this issue.
32-bit Download: Contact Microsoft

For more information on this issue, including potential causes, workarounds, and resolutions, see: Microsoft KB Article KB953733.

Get notified of new posts for FREE via RSS or E-mail

Subscribe to ITsVISTA!

Related Posts