Windows XP SP1 And Windows 2000 SP4 Vulnerable To DoS

A new exploit might take advantage of problems in RPC on Windows XP Service Pack 1 (SP1) and Windows 2000 SP4 systems. A successful attack might lead to a Denial of Service (DoS) condition. The vulnerability can be exploited by sending specially crafted Universal Plug and Play (UPnP) requests. A memory allocation error occurs when such requests are processed by remote procedure calls (RPCs).

Microsoft Security Advisory (911052), "Memory Allocation Denial of Service Via RPC," published November 16, says that the company is aware of the potential for exploitation and includes information about possible workarounds and defensive measures. Microsoft also said that it'is investigating the problem and might eventually release a security update.

Microsoft said that systems using XP SP2 and Windows Server 2003 aren't affected by this vulnerability. You can read further details in the advisory.

TAGS: Security
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.