Home / bulletins MS08-047 – Important: Vulnerability in IPsec Policy Processing Could Allow Information Disclosure (953733) - Version:1.1
Posted on 14 August 2008
ImportantSeverity Rating: Important - Revision Note: V1.1 (August 13, 2008): Added Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2 to the Non-Affected Software table.Summary: This update resolves a privately reported vulnerability in the way certain Windows Internet Protocol Security (IPsec) rules are applied. This vulnerability could cause systems to ignore IPsec policies and transmit network traffic in clear text. This, in turn, would disclose information intended to be encrypted on the network. An attacker viewing the traffic on the network would be able to view and possibly modify the contents of the traffic. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly. It could be used to collect useful information to try to further compromise the affected system or network.
Other versions
- MS08-047 - Version: 1.0
- MS08-047 - Version: 1.1
