CVE-2010-0241

Name of the Vulnerable Software and Affected Versions Microsoft Windows Vista versions Gold, SP1, and SP2 Microsoft Windows Server 2008 versions Gold and SP2

Description The issue arises from insufficient bounds checking in the TCP/IP implementation when processing specially crafted ICMPv6 Route Information packets, allowing remote attackers to execute arbitrary code. This could enable an attacker to take complete control of an affected system, potentially leading to the installation of programs, viewing, changing, or deleting data, or creating new accounts with full user rights.

Recommendations For Microsoft Windows Vista versions Gold, SP1, and SP2, update to a version that includes the fix for the ICMPv6 Route Information vulnerability. For Microsoft Windows Server 2008 versions Gold and SP2, update to a version that includes the fix for the ICMPv6 Route Information vulnerability. As a temporary workaround, consider disabling IPv6 on affected systems until a patch is available.