Summary
This host is missing a critical security update according to Microsoft Bulletin MS07-058.
Impact
Successful exploitation could allow remote attackers to send a specially crafted RPC authentication request to a computer over the network and cause the computer to stop responding and automatically restart.
Impact Level: System/Application
Solution
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://www.microsoft.com/technet/security/bulletin/ms07-058.mspx
Insight
The flaw is due to windows RPC code, that does not properly communicate with the 'NTLM' security provider when performing authentication of RPC requests.
Affected
Microsoft Windows XP Service Pack 2 and prior
Microsoft Windows 2000 ervice Pack 4 and prior
Microsoft Windows 2K3 Service Pack 2 and prior
Microsoft Windows Vista
References
Severity
Classification
-
CVE CVE-2007-2228 -
CVSS Base Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C
Related Vulnerabilities
- Blended Threat Vulnerability in SearchPath Could Allow Elevation of Privilege (959426)
- Microsoft Excel Remote Code Execution Vulnerability (956416)
- Microsoft .NET Framework Multiple Vulnerabilities (2916607)
- Microsoft .NET Common Language Runtime Remote Code Execution Vulnerability (2265906)
- Microsoft Filter Pack Remote Code Execution Vulnerability (2801261)