Vulnerability in Windows ISATAP Component Could Allow Spoofing
Description: This security update resolves one privately reported vulnerability in Microsoft Windows. This security update is rated Moderate for Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. Windows 7 and Windows Server 2008 R2 are not vulnerable because these operating systems include the feature deployed by this security update. For more information, see the subsection, Affected and Non-Affected Software, in this section. The security update addresses the vulnerability by changing the manner in which the Windows TCP/IP stack checks the source IPv6 address in a tunneled ISATAP packet.
Update type: Moderate
Release date: April 13, 2010
Applies to: All versions
Knowledge base: http://support.microsoft.com/kb/978338
- ISATAP IPv6 Source Address Spoofing Vulnerability – CVE-2010-0812
For more information on this issue, including potential causes, workarounds, and resolutions, see: Microsoft KB Article KB978338.