Executive Summary
This critical security update resolves two privately reported vulnerabilities in Transmission Control Protocol/Internet Protocol (TCP/IP) processing. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
This is a critical security update for all supported editions of Windows XP and Windows Vista, an important security update for all supported editions of Windows Server 2003, and a moderate security update for all supported editions of Microsoft Windows 2000.
This security update addresses the vulnerability by modifying the way that the Windows kernel processes TCP/IP structures that contain multicast and ICMP requests.
Recommendation. Microsoft recommends that customers apply the update immediately
Known Issues. None
For more information regarding Affected and Non-Affected Software, and Frequently Asked Questions related to this incident, please visit the full security bulletin on Microsoft TechNet.