The TCP protocol uses a three-way handshake to establish a TCP connection. The last interaction in the three-way handshake is a TCP Acknowledgement (ACK) package. However, in Windows Vista, the Windows Filtering Platform (WFP) inspection occurs only after the three-way handshake is completed. Therefore, any data that is piggybacked on the ACK package may bypass the WFP inspection process.

Note: A payload can legitimately piggyback on the ACK package.

This issue affects socket applications that use NetBIOS communication on a Windows Vista-based computer.

When a computer that is running Windows Vista or Windows Server 2008 is under high stress, the TCP/IP Registry Compatibility (Tcpipreg) service may stop responding. Or, a malfunction may occur in the service. Additionally, some applications that are related to the network do not function as expected.

For example, when you resume a Windows Vista-based computer from hibernation (S4) or from suspend (S3), a malfunction occurs in the Tcpipreg service. In this case, when you try to use the net stop tcpipreg command to stop the Tcpipreg service, the command may stop responding.

• Hyper-V Management Tools available for Vista SP1
  These tools allow you to manage and interact with an installation of Hyper-V from your Vista computer in exactly the same manner that you do on a full installation of Windows Server 2008. You need to have SP1 installed on Vista in order for this to work.
  (tags: Hyper-V SP1 )
• Analyzing 3 months of Vista reliability data | Hardware 2.0 | ZDNet.com
  A look at how the Reliability monitor can help you see how healthy your computer is.
  (tags: Reliability )

Keep reading →

This article describes the Address Resolution Protocol (ARP) caching behavior in Windows Vista TCP/IP implementations. Keep reading →

• Vista Themes - Tweaking with Vishal
  Four themes for Vista, with instructions on how to download and install them.
  (tags: GUI Theme )
• Information about Request for Comments (RFCs) that are supported in Windows Vista
  This article discusses the Request for Comments (RFCs) that are supported by the Windows Vista TCP/IP protocol stack.
  (tags: TCP RFC )

This article discusses the Request for Comments (RFCs) that are supported by the Windows Vista TCP/IP protocol stack. Keep reading →

Consider the following scenario:

• You have a Windows Vista-based computer that is running Windows Firewall.
• A client application tries to connect through TCP port 1723.

In this scenario, Windows Vista may disconnect communications to the client. The following are examples of such client applications:

• FTP applications that connect through port 1723
• P2P applications that connect through port 1723
• Multifunction printers on which scanning or faxing options use port 1723 for communications
  Note: In this situation, no error message is displayed in Windows. However, an error is displayed on the printer.

When you run a script to perform a Windows Management Instrumentation (WMI) query for TCP/IP ports on a computer that is running a non-English version of Windows Vista, the query results may be empty. This issue occurs even if TCP/IP ports are installed on the computer. The issue causes the script to be unable to detect the installed TCP/IP ports.

Additionally, you may encounter some function failure. For example, you may be unable to install a printer by using a script that resembles the following script to install a printer:

SELECT * FROM Win32_TCPIPPrinterPort

Note: The issue does not occur on a computer that is running the English version of Windows Vista.

Description: This important update resolves a privately reported vulnerability in Transmission Control Protocol/Internet Protocol (TCP/IP) processing. An attacker who successfully exploited this vulnerability could cause the affected system to stop responding and automatically restart. This update addresses the vulnerability by validating the IP address provided by a DHCP server or assigned by command or API at the local machine. Keep reading →

When you use a program that tries to bind to TCP network ports on a Windows-based computer, you may receive the following Winsock error message:

WSAEADDRINUSE (10048) Only one usage of each socket address (protocol/network address/port) is normally permitted.

This behavior occurs if the following conditions are true:

• Internet Connection Sharing is enabled on the computer that is running Windows.
• The program tries to connect to TCP ports in the 5001 to 5032 range.