Revision Note: Advisory published. Advisory Summary:Microsoft is aware of a new vulnerability report affecting TCP/IP, a network component of Microsoft Windows. We are not aware of any attacks attempting to use the reported vulnerability and have no reports of customer impact at this time. Various TCP implementations could allow a remote attacker to set arbitrary timer values for a TCP connection. An attacker who successfully exploited this vulnerability could cause the affected system to reset existing TCP connections. Those connections would have to be reestablished for communication to continue. This denial of service vulnerability would not allow an attacker to execute code or to elevate their user rights. We do not consider this to be a significant threat to the security of the Internet. This is similar to other TCP connection reset issues. Changes made during the development of Windows XP Service Pack 2, Windows Server 2003 Service Pack 1, and the MS05-019 security update eliminated this vulnerability. If you have installed any of these updates, these updates already help protect you from this vulnerability and no additional action is required.

More...