Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

Microsoft Security Bulletins for

= Check Point has provided a protection to this bulletin

Microsoft Security Bulletin MS08-002:
Vulnerability in LSASS Could Allow Local Elevation of Privilege (943485)

Severity: High

CVE-2007-5352: LSASS Bypass Vulnerability

An elevation of privilege vulnerability exists in the Microsoft Windows Local Security Authority Subsystem Service (LSASS) due to its improper handling of local procedure call (LPC) requests. The vulnerability could allow an attacker to run code with elevated privileges. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

  • Check Point Response

Microsoft Security Bulletin MS08-001:
Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (941644)

Severity: Critical

CVE-2007-0066: Windows Kernel TCP/IP/ICMP Vulnerability

A denial of service vulnerability exists in TCP/IP due to the way that Windows Kernel processes fragmented router advertisement ICMP queries. ICMP Router Discovery Protocol (RDP) is not enabled by default and is required in order to exploit this vulnerability. However, on Windows 2003 Server and on Windows XP, RDP can be turned on by a setting in DHCP or by a setting in the registry. On Windows 2000, RDP can be turned on by a setting in the registry. An anonymous attacker could exploit the vulnerability by sending specially crafted ICMP packets to a computer over the network. An attacker who successfully exploited this vulnerability could cause the computer to stop responding and automatically restart.

CVE-2007-0069: Windows Kernel TCP/IP/IGMPv3 and MLDv2 Vulnerability

A remote code execution vulnerability exists in the Windows kernel due to the way that the Windows kernel handles TCP/IP structures storing the state of IGMPv3 and MLDv2 queries. Supported editions of Microsoft Windows XP, Windows Server 2003, and Windows Vista all support IGMPv3. In addition to IGMPv3, Windows Vista supports MDLv2, which adds multicast support for IPv6 networks. An anonymous attacker could exploit the vulnerability by sending specially crafted IGMPv3 and MLDv2 packets to a computer over the network. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Microsoft Security

2008 Microsoft Security Bulletins by Month