TCP/IP Selective Acknowledgement Vulnerability

  Severity: HIGH
  CVE Identifier: CVE-2010-0242,MS10-009
  Advisory Date: JUL 21, 2015

  DESCRIPTION

The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 allows remote attackers to cause a denial of service (system hang) via crafted packets with malformed TCP selective acknowledgement (SACK) values, aka "TCP/IP Selective Acknowledgement Vulnerability."

  TREND MICRO PROTECTION INFORMATION

Apply associated Trend Micro DPI Rules.

  AFFECTED SOFTWARE AND VERSION

  • microsoft windows_server_2008
  • microsoft windows_server_2008 -
  • microsoft windows_vista