Microsoft Security Advisory (899480)
Vulnerability in TCP Could Allow Connection Reset
Published: May 18, 2005
http://www.microsoft.com/technet/sec...ry/899480.mspx
This issue does not affect Windows 98, Windows 98 SE, or Windows Millennium Edition. If you have installed Windows XP Service Pack 2, Windows Server 2003 Service Pack 1, or the MS05-019 security update you are not affected by this vulnerability.
This attack requires the TCP Timestamp Option registry setting to be enabled. This setting is enabled by default. However, this option can be disabled. Systems that have disabled this setting are not affected by this vulnerability. For more information about this setting, visit the following Web site.
http://www.microsoft.com/resources/d...ntry/58800.asp
To check out your settings:
Start->Run->regedit
HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Tcp1323Opts
Value Meaning
0 (00) Timestamps and window scaling are disabled.
1 (01) Window scaling is enabled.
2 (10) Timestamps are enabled.
3 (11) Timestamps and window scaling are enabled.
MS05-019 security bulletin is currently scheduled to be re-released in June of 2005. The original security update successfully addressed the vulnerabilities that are described in the security bulletin and the vulnerability that is documented in this advisory. However, the original security update contains a known network connectivity issue that affects a particular type of network configuration. Until the re-release of this security update is available, customers who experience the symptoms that are described in Microsoft Knowledge Base Article 898060 should follow the instructions that are contained in the article to address the network connectivity issue. If you are not experiencing this network connectivity issue, we recommend that you install the currently available security update to help protect against the vulnerabilities that are described in this security advisory and the original security bulletin.
-- Tom
-- Tom
