PT-2007-3565 · Microsoft · Windows Vista X64 Edition+7
Published: 2007-10-09 · Updated: 2018-10-16
CVE-2007-2228
CVSS v2.0: 7.8 (High)
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Microsoft Windows XP SP2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003 SP1
Microsoft Windows Server 2003 SP2
Microsoft Windows Server 2003 x64 Edition
Microsoft Windows Server 2003 x64 Edition SP2
Microsoft Windows Vista
Microsoft Windows Vista x64 Edition
Microsoft Windows 2000 SP4
Description
A denial of service issue exists due to a failure in communicating with the NTLM security provider when performing authentication of RPC requests. An attacker could exploit this by sending a specially crafted RPC authentication request to a computer over the network, causing the computer to stop responding and automatically restart. In the case of Windows 2000 SP4, the impact is an information leak.
Recommendations
For Microsoft Windows XP SP2, update to a newer version to mitigate the risk.
For Microsoft Windows XP Professional x64 Edition, update to a newer version to mitigate the risk.
For Microsoft Windows Server 2003 SP1, update to a newer version to mitigate the risk.
For Microsoft Windows Server 2003 SP2, update to a newer version to mitigate the risk.
For Microsoft Windows Server 2003 x64 Edition, update to a newer version to mitigate the risk.
For Microsoft Windows Server 2003 x64 Edition SP2, update to a newer version to mitigate the risk.
For Microsoft Windows Vista, update to a newer version to mitigate the risk.
For Microsoft Windows Vista x64 Edition, update to a newer version to mitigate the risk.
For Microsoft Windows 2000 SP4, restrict access to the NTLM security provider to minimize the risk of information leak.
As a temporary workaround, consider disabling the RPC facility until a patch is available.
Fix
Related identifiers
Affected products
Windows
Windows 2000
Windows Server 2003
Windows Server 2003 X64 Edition
Windows Vista
Windows Vista X64 Edition
Windows XP
Windows XP Professional X64 Edition