MS09-048: Vulnerabilities in Windows TCP/IP could allow remote code execution

Support for Windows Vista Service Pack 1 (SP1) ends on July 12, 2011. To continue receiving security updates for Windows, make sure you're running Windows Vista with Service Pack 2 (SP2). For more information, refer to this Microsoft web page: Support is ending for some versions of Windows.

INTRODUCTION

Microsoft has released security bulletin MS09-048. To view the complete security bulletin, visit one of the following Microsoft Web sites:

How to obtain help and support for this security update


Help installing updates:
Support for Microsoft Update

Security solutions for IT professionals:
TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware:
Virus Solution and Security Center

Local support according to your country:
International Support

More Information

Known issues with this security update

  • On a Windows Server 2008 Service Pack 2 (SP2)-based computer, the netsh int tcp reset command now also resets the following security parameters:
    • Memory Pressure Protection (MPP)
    • Profiles
    • Port Exemption
    • Connection Rate Limiting
      To restore the Connection Rate Limiting security parameter, you must enable the registry entry for the half-open TCP connections limit.


      For more information about how to do this, click the following article number to view the article in the Microsoft Knowledge Base:
      969710 How to enable the half-open TCP connections limit in Windows Vista with Service Pack 2 and in Windows Server 2008 with Service Pack 2
  • On a Windows Server 2003-based computer, if you install the IPv6 connection protocol after you install this security update package, the event log description for IPv6 Event ID 4229 does not contain the relevant details of the event. Event ID 4229 is logged when an attack is detected, and there are no issues with the event being logged.

    To resolve this issue, you must reinstall this security update package or add the following registry key manually:

    Windows Server 2003 Service Pack 2

    Add the string %systemroot%system32\w03a3409.dll to the following registry key:
    HKEY_LOCAL_MACHINE\System\CCS\Services\eventlog\System\tcpipv6\EventMessageFile
For more information about the new Memory Pressure Protection feature for TCP stack, click the following article number to view the article in the Microsoft Knowledge Base:

974288 Description of the new Memory Pressure Protection feature for TCP stack

FILE INFORMATION

ERROR: PhantomJS timeout occurred