CVE-2010-3229

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to the fix, including Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7

Description A denial of service issue exists due to improper processing of client certificates during SSL and TLS handshakes. This allows remote attackers to cause a denial of service, leading to an LSASS outage and system reboot, by sending a crafted packet. The issue affects systems with IIS 7.x enabled, particularly when SSL is enabled, which is not a default configuration.

Recommendations For Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, update to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.