Description

Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service).

1) An error in the TCP/IP stack (Tcpip.sys) when parsing received ICMP messages can be exploited to cause a system to stop responding or restart via a sequence of specially crafted ICMP messages.

2) An error in the TCP/IP stack (Tcpip.sys) when parsing URLs can be exploited to cause a system to stop responding or restart via a specially crafted URL request to a system serving web content with URL-based QoS (Quality of Service) enabled (disabled by default).

Solution

Apply patches.

Provided and/or discovered by
Reported by the vendor.

Original Advisory
MS11-064 (KB2563894):
http://www.microsoft.com/technet/security/bulletin/ms11-064.mspx

Source Advisory
http://secunia.com/advisories/45500/