More Critical Patches From Microsoft
Microsoft just released a bevy of critical patches to cover at least seven worm holes in the windows operating system. These security flaws affect a wide range of networking products including Windows Server 2003 and 2008, Windows Vista (32 and 64 bit) as well as Windows 2000 SP4 (for which there is no fix. Although not the only other vendor affected by these holes, Cisco also released patches.
The TCP flaw enables an attacker to force an extremely long-lived TCP connection which could allow the system resources on the prey computer to be overtaken. New TCP connections would be curtailed requiring at the least reboot or at the worst major system crashes.
Ironically, these TCP vulnerabilities were discovered several years ago and were first publicized over a year ago. Now that the details of these vulnerabilities have been released, I am sure we will see more vendors releasing their own patches.