Windows TCP/IP Stack ICMP Denial of Service (MS11-064)
| Check Point Reference: | CPAI-2011-112 | |
| Date Published: | ||
| Severity: | ||
| Source: | Microsoft Security Bulletin MS11-064 | |
| Industry Reference(s): | CVE-2011-1871 | |
| Protection Provided by: |
IPS-1
|
|
| Who is Vulnerable? Windows Vista Service Pack 2 Windows Vista x64 Edition Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for Itanium-based Systems Service Pack 2 Windows 7 for 32-bit Systems Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Windows 7 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for Itanium-based Systems Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 | ||
| Vulnerability Description A denial of service (DoS) vulnerability has been reported in Microsoft Windows TCP/IP stack. An attacker could exploit this vulnerability to cause a DoS condition in an affected system. As a result, the system may become unresponsive and automatically reboot. |
||
|
Vulnerability Details This is a denial of service vulnerability. The issue occurs when the Windows TCP/IP stack processes a sequence of malicious ICMP messages in an improper manner. A remote attacker can exploit this vulnerability by creating a program that will send sequences of malicious ICMP messages to an affected system. Successful exploitation may enable an attacker to create a DoS condition in an affected system. As a result, the system may become unresponsive and automatically reboot. |
Protection Overview
The protection will block hosts who attempt to send large numbers of ICMP responses.
To configure the defense, select your product from the list below and follow the related protection steps.