Vulnerability in Wireless LAN AutoConfig Service Could Allow Remote Code Execution
Description: This security update resolves a privately reported vulnerability in Wireless LAN AutoConfig Service. The vulnerability could allow remote code execution if a client or server with a wireless network interface enabled receives specially crafted wireless frames. Systems without a wireless card enabled are not at risk from this vulnerability. The security update addresses the vulnerability by extending the Wireless LAN AutoConfig service to properly validate wireless frames prior to processing them.
Update type: Critical
Release date: September 8, 2009
Applies to: All versions
Knowledge base: http://support.microsoft.com/kb/970710
- Wireless Frame Parsing Remote Code Execution Vulnerability – CVE-2009-1132
For more information on this issue, including potential causes, workarounds, and resolutions, see: Microsoft KB Article KB970710.