Windows

Microsoft fixes critical flaw in Vista

Microsoft released its first set of fixes for 2008, patching a critical flaw in the Windows operating system that it says could be used by criminals to create a self-copying computer worm attack.

Microsoft released its first set of fixes for 2008, patching a critical flaw in the Windows operating system that it says could be used by criminals to create a self-copying computer worm attack.

Excerpt from PC World:

The critical bug lies in the way Windows processes networking traffic that uses IGMP (Internet Group Management Protocol) and MLD (Multicast Listener Discovery) protocols, which are used to send data to many systems at the same time. Microsoft says that an attacker could send specially crafted packets to a victim's machine, which could then allow the attacker to run unauthorized code on a system.

IGMP is enabled by default on both Windows Vista and Windows XP. Windows uses the IGMP protocol for many popular consumer applications, such as multiplayer games and universal plug-and-play. However, the protocol is usually blocked at the router.

The patch applies to Microsoft Vista, XP, 2003 Server, and the 2000 versions of Windows.

Additional reading:

About

Paul Mah is a writer and blogger who lives in Singapore, where he has worked for a number of years in various capacities within the IT industry. Paul enjoys tinkering with tech gadgets, smartphones, and networking devices.

2 comments
meryllogue
meryllogue

I play LOTRO on a Vista laptop. Did I just get my connection messed up? Is this why the LOTRO client quit suddenly and hard on my last night two times in an hour? (It has NEVER done that in all the times I have played it.)

Tig2
Tig2

Something else related to the protocol may have but the flaw has been there since day one so the erratic behavior you saw last night is being caused by something else. As you were online, it could have been any number of things. I assume you are behind a firewall and using AV so I don't know that I would assume the worst yet. If it does it again, then I would begin to troubleshoot. But one-off behavior like that can be attributed to just about anything, up to and including "noise" on the line.

Editor's Picks