Article ID: 309073 - Last Review: April 19, 2007 - Revision: 2.11 Invalid Universal Plug and Play Request can Disrupt System OperationThis article was previously published under Q309073 On This PageSYMPTOMS
By sending a particular set of commands to an affected Windows XP computer, an attacker could gradually deplete resources on the system to the point where performance could be slowed or stopped altogether. There are a number of important restrictions affecting this vulnerability:
CAUSE
The vulnerability results because the Universal Plug and Play (UPnP) service that either ships with or can be installed on Windows XP does not correctly handle certain requests. In Windows XP, these requests can cause a memory leak that, if exploited repeatedly, could deplete system resources to the point where the system performance was degraded. The Universal Plug and Play (UPnP) service will be installed if you install the Windows XP Internet Connection Sharing service on a Windows 98-based or Windows 98 SE-based computer. RESOLUTIONWindows XPTo resolve this problem, obtain the latest service pack for Windows XP. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:322389
(http://support.microsoft.com/kb/322389/
)
How to obtain the latest Windows XP service pack
This update is available on the Microsoft Windows Update Web site.
Collapse this image  For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base: 119591
(http://support.microsoft.com/kb/119591/
)
How to obtain Microsoft support files from online services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file.
The English version of this fix should have the following file attributes or later: Date Time Version Size File name ---------------------------------------------------- 03-Oct-2001 13:17 5.1.2600.15 26,624 Ssdpapi.dll 03-Oct-2001 13:17 5.1.2600.15 40,960 Ssdpsrv.dll Windows 98 or Windows 98 SEA supported hotfix is now available from Microsoft, but it is only intended to correct the problem that this article describes. Apply it only to systems that you determine are at risk of attack. Evaluate the computer's physical accessibility, network and Internet connectivity, and other factors to determine the degree of risk to the computer. See the associated Microsoft Security Bulletin (http://www.microsoft.com/technet/security/bulletin/ms01-054.mspx) to help determine the degree of risk. This hotfix may receive additional testing. If the computer is sufficiently at risk, we recommend that you apply this hotfix now.To resolve this problem immediately, download the hotfix by following the instructions later in this article or contact Microsoft Product Support Services to obtain the hotfix. For a complete list of Microsoft Product Support Services telephone numbers and information about support costs, visit the following Microsoft Web site: http://support.microsoft.com/contactus/?ws=support
(http://support.microsoft.com/contactus/?ws=support)
Note In special cases, charges that are ordinarily incurred for support calls may be canceled, if a Microsoft Support Professional determines that a specific update will resolve your problem. The usual support costs will apply to additional support questions and issues that do not qualify for the specific update in question. Collapse this image For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base: 119591
(http://support.microsoft.com/kb/119591/EN-US/
)
How to Obtain Microsoft Support Files from Online Services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file.
The English version of this fix should have the following file attributes or later: Date Time Version Size File name ---------------------------------------------------- 28-Sept-2001 04:52 4.90.3002.0 38,672 Ssdpapi.dll 28-Sept-2001 04:53 4.90.3002.0 56,592 Ssdpsrv.dll 28-Sept-2001 04:53 4.90.3002.0 128,272 Upnp.dll STATUSWindows XPMicrosoft has confirmed that this problem may cause a degree of security vulnerability in Microsoft Windows XP. This problem was first corrected in Windows XP Service Pack 1.Windows 98 or Windows 98 SEMicrosoft has confirmed that this problem may cause a degree of security vulnerability in Windows 98 and Windows 98 SE.MORE INFORMATION
For more information on this vulnerability, see the following Microsoft Web site:
http://www.microsoft.com/technet/security/bulletin/ms01-054.mspx
(http://www.microsoft.com/technet/security/bulletin/ms01-054.mspx)
| Article Translations
|
| United States | Change | | | All Microsoft Sites |
Back to the top
|
