Microsoft Windows TCP/IP Privilege Elevation Vulnerabilities (2688338) Network Vulnerability

Summary

This host is missing an important security update according to Microsoft Bulletin MS12-032.

Impact

Successful exploitation could allow attackers to bypass certain security restrictions and gain escalated privileges. Impact Level: System

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://technet.microsoft.com/en-us/security/bulletin/ms12-032

Insight

The flaws are due to the way, - Windows Firewall handles outbound broadcast packets. - Windows TCP/IP stack handles the binding of an IPv6 address to a local interface.

Affected

Microsoft Windows 7 Service Pack 1 and prior Microsoft Windows Server 2008 R2 Service Pack 1 Microsoft Windows Vista Service Pack 2 and prior Microsoft Windows Server 2008 Service Pack 2 and prior

References

http://secunia.com/advisories/49114
http://support.microsoft.com/kb/2688338
http://technet.microsoft.com/en-us/security/bulletin/ms12-032

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-0174, CVE-2012-0179

CVSS	Base Score: 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Microsoft DirectShow Remote Code Execution Vulnerability (2929961)
Microsoft Internet Explorer Multiple Memory Corruption Vulnerabilities (2870699)
Certificate Validation Flaw Could Enable Identity Spoofing (Q328145)
Cumulative Security Update for Internet Explorer (939653)
Microsoft Excel Remote Code Execution Vulnerabilities (968557)

Take action and discover your vulnerabilities