badpack3t has reported a vulnerability in Windows, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error in the kernel and can be exploited to cause the system to crash. Reportedly, the integrated firewall does not protect against this.
The vulnerability has been reported in Windows XP SP2.
Solution: Restrict incoming traffic to affected systems to reduce the risk.
The vendor is reportedly working on a patch, which will be released in August.
Windows Network Connections Service Denial of Service
bkbll has discovered a vulnerability in Windows, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The vulnerability is caused due to an error in a function in netman.dll when a large integer is supplied as argument. Successful exploitation crashes the Network Connections Service.
The vulnerability has been confirmed in fully updated versions of Windows 2000 SP4 and Windows XP SP2. Other versions may also be affected.
Solution: Grant only trusted users access to affected systems.