Unchecked Buffer in PPTP Implementation Could Enable DOS Attacks (Q329834)

Summary
Hotfix to fix Unchecked Buffer in PPTP Implementation (Q329834) is not installed. A security vulnerability results in the Windows 2000 and Windows XP implementations because of an unchecked buffer in a section of code that processes the control data used to establish, maintain and tear down PPTP connections. By delivering specially malformed PPTP control data to an affected server, an attacker could corrupt kernel memory and cause the system to fail, disrupting any work in progress on the system. Impact of vulnerability: Denial of service Maximum Severity Rating: Critical Recommendation: Administrators should install the patch immediately. Affected Software: Microsoft Windows 2000 Microsoft Windows XP See http://www.microsoft.com/technet/security/bulletin/ms02-063.mspx