Home / bulletins MS08-047 – Important: Vulnerability in IPsec Policy Processing Could Allow Information Disclosure (953733) - Version:1.0
Posted on 12 August 2008
There is an newer version: MS08-047 - Version: 1.1
ImportantSeverity Rating: Important - Revision Note: Bulletin published.Summary: This update resolves a privately reported vulnerability in the way certain Windows Internet Protocol Security (IPsec) rules are applied. This vulnerability could cause systems to ignore IPsec policies and transmit network traffic in clear text. This, in turn, would disclose information intended to be encrypted on the network. An attacker viewing the traffic on the network would be able to view and possibly modify the contents of the traffic. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly. It could be used to collect useful information to try to further compromise the affected system or network.
Other versions
- MS08-047 - Version: 1.0
- MS08-047 - Version: 1.1
