[Microsoft Alert] Microsoft Security Bulletin MS06-018

Vulnerability in Microsoft Distributed Transaction Coordinator

Could Allow Denial of Service (913580)

Issued: May 9, 2006

Version: 1.0

 

Summary

Who should read this document: Customers who use Microsoft Windows

 

Impact of Vulnerability: Denial of Service

 

Maximum Severity Rating: Moderate

 

Recommendation: Customers should consider applying the security

update.

 

Security Update Replacement: This bulletin replaces a prior security update. See the frequently asked questions (FAQ) section of this bulletin for the complete list.

 

 

Vulnerability Details:

A denial of service vulnerability exists that could allow an attacker to send a specially crafted network message to an affected system. An attacker could cause the Microsoft Distributed Transaction Coordinator (MSDTC) to stop responding. Note that the denial of service vulnerability would not allow an attacker to execute code or to elevate their user rights, but it could cause the affected system to stop accepting requests.

 

 

 

 

Affected Software:

Microsoft Windows 2000 Service Pack 4

Microsoft Windows XP Service Pack 1 and Microsoft Windows XP

Service Pack 2

Microsoft Windows Server 2003

Microsoft Windows Server 2003 for Itanium-based Systems

 

 

 

Non-Affected Software:

Microsoft Windows XP Professional x64 Edition

Microsoft Windows Server 2003 Service Pack 1

Microsoft Windows Server 2003 x64 Edition

Microsoft Windows Server 2003 with SP1 for Itanium-based Systems

Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE),

and Microsoft Windows Millennium Edition (Me)

 

 

 

References: http://www.microsoft.com/security/bulletins/current.mspx (Microsoft Security Updates)

---