CERT-In:Indian Computer Emergency Response Team

HOME > ADVISORIES

ADVISORIES

CERT-In Advisory CIAD-2008-02
Multiple Vulnerabilities in Microsoft Windows components : TCP/IP, LSASS

Original issue date: January 09, 2008

Systems Affected

• Windows 2000
• Windows XP
• Windows 2003
• Windows Vista

Overview

Multiple vulnerabilities have been reported in various components of Microsoft Windows : TCP/IP, LSASS

Description

The vulnerability notes released by CERT-In with reference to Microsoft Security Bulletins are given below:

Microsoft Security Bulletin	Severity	CERT-In Vulnerability Notes
MS08-001: Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution	High	CIVN-2008-02: Microsoft Windows TCP/IP implementation vulnerabilities
MS08-002: Vulnerability in LSASS Could Allow Local Elevation of Privilege	Low	CIVN-2008-03: Microsoft Windows LSASS Privilege Escalation Vulnerability

Solution

Apply appropriate patches as mentioned in Microsoft Security Bulletin January 2008
http://www.microsoft.com/technet/security/bulletin/ms08-jan.mspx

Vendor Information

Microsoft Corporation
http://www.microsoft.com/technet/security/bulletin/ms08-jan.mspx

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information

Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003

Home || Feedback || FAQ || Disclaimer

CERT-In Advisory CIAD-2008-02 Multiple Vulnerabilities in Microsoft Windows components : TCP/IP, LSASS

CERT-In Advisory CIAD-2008-02
Multiple Vulnerabilities in Microsoft Windows components : TCP/IP, LSASS