CVE-2014-0254

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to the fixed version Windows Server 2012 versions prior to the fixed version Windows RT versions prior to the fixed version

Description The issue is related to the IPv6 implementation in Microsoft Windows, which does not properly validate packets. This allows remote attackers to cause a denial of service, resulting in a system hang, via crafted ICMPv6 Router Advertisement packets. An attacker who successfully exploits this issue could cause the affected system to stop responding.

Recommendations For Microsoft Windows versions prior to the fixed version, update to the fixed version to resolve the issue. For Windows Server 2012 versions prior to the fixed version, update to the fixed version to resolve the issue. For Windows RT versions prior to the fixed version, update to the fixed version to resolve the issue. As a temporary workaround, consider restricting access to ICMPv6 Router Advertisement packets to minimize the risk of exploitation.