Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×
Windows

Submission + - Critical MS Vista/XP IGMP vulnerability 1

btellier writes: "According to MS08-01: A remote code execution vulnerability exists in the Windows kernel due to the way that the Windows kernel handles TCP/IP structures storing the state of IGMPv3 and MLDv2 queries. Supported editions of Microsoft Windows XP, Windows Server 2003, and Windows Vista all support IGMPv3. An anonymous attacker could exploit the vulnerability by sending specially crafted IGMPv3 and MLDv2 packets to a computer over the network. An attacker who successfully exploited this vulnerability could take complete control of an affected system."
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Critical MS Vista/XP IGMP vulnerability

Comments Filter:
  • This is massive, in that this (TCP/IP - IGMP) is the core of how all computers communicate on the internet, everybody uses it. And it's remotely exploitable, in the "they're going to take over your PC" kind of way. This is the kind of stuff that makes worm authors salivate.

    Also, it impacts ALL versions of windows, the most popular (XP, Vista) the worst.

    Ouch.

Refreshed by a brief blackout, I got to my feet and went next door. -- Martin Amis, _Money_

Working...