Exploitability of MS11-083

I noted the anonymous bug revealed by Microsoft called a Vulnerability in TCP/IP that could Allow Remote Code Execution has been given a couple caveats of perimeter controls and performance.

This month we released MS11-083 to address an externally found reference counter issue in TCP/IP stack.

[…]

…we believe it is difficult to achieve RCE using this vulnerability considering that the type of network packets required are normally filtered at the perimeter and the small timing window between the release and next access of the structure, and a large number of packets are required to pull off the attack. As a result, we assign an Exploitability Index of “2” for this vulnerability.

A claim of inconsistent results, which justifies a 2 rating, also begs questions of who found it and how.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.