MS.Windows.TCP.Timestamp.Code.Execution
Description
This indicates an attack attempt to exploit a remote Code Execution vulnerability in Microsoft Windows.
The vulnerability is due to an error when the vulnerable system attempts to handle malicious TCP packets. An attacker can exploit this by sending malicious packets to the victim system.
Affected Products
Microsoft Windows 2000 Service Pack 4
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 SP2
Windows Vista, Windows Vista Service Pack 1 and Windows Vista Service Pack 2
Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1 and Windows Vista x64 Edition Service Pack 2
Windows Server 2008
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
http://technet.microsoft.com/security/bulletin/ms09-048
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |