A remote code execution vulnerability has been discovered in the Microsoft Windows TCP/IP stack. This vulnerability occurs when Windows processes a continuous flow of specially crafted UDP packets. An attacker could exploit this vulnerability by sending a continuous flow of specially crafted UDP packets to a closed port on a target system, resulting in an integer overflow. Successful exploitation could allow attackers to run arbitrary code with kernel mode privileges. This could allow attackers to install programs; view, change, or delete data; or create new accounts with full user rights.
- Microsoft Windows Vista
- Microsoft Windows 7
- Microsoft Windows Server 2008
For more information click Here