=====================================================================

                           CERT-Renater

               Note d'Information No. 2013/VULN346
_____________________________________________________________________

DATE                : 14/08/2013

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Windows versions Vista, Server 2008, 7,
                        8, Server 2012, RT.

======================================================================
KB2868623
http://technet.microsoft.com/en-us/security/bulletin/ms13-065
______________________________________________________________________

Microsoft Security Bulletin MS13-065 - Important Vulnerability in ICMPv6
could allow Denial of Service (2868623)

Published Date: August 13, 2013

Version: 1.0


General Information

Executive Summary

This security update resolves a privately reported vulnerability in
Microsoft Windows. The vulnerability could allow a denial of service if
the attacker sends a specially crafted ICMP packet to the target system.

This security update is rated Important for all supported editions of
Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2,
Windows 8, Windows Server 2012, and Windows RT.


Affected Software

Windows Vista Service Pack 2 (2868623)
Windows Vista x64 Edition Service Pack 2 (2868623)
Windows Server 2008 for 32-bit Systems Service Pack 2 (2868623)
Windows Server 2008 for x64-based Systems Service Pack 2 (2868623)
Windows Server 2008 for Itanium-based Systems Service Pack 2 (2868623)
Windows 7 for 32-bit Systems Service Pack 1 (2868623)
Windows 7 for x64-based Systems Service Pack 1 (2868623)
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (2868623)
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 (2868623)
Windows 8 for 32-bit Systems (2868623)
Windows 8 for 64-bit Systems (2868623)
Windows Server 2012 (2868623)
Windows RT (2868623)
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core
installation) (2868623)
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core
installation) (2868623)
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core
installation) (2868623)
Windows Server 2012 (Server Core installation) (2868623)


Vulnerability Information

ICMPv6 Vulnerability - CVE-2013-3183

A denial of service vulnerability exists in the Windows TCP/IP stack
that could cause the target system to stop responding until restarted.
The vulnerability is caused when the TCP/IP stack does not properly
allocate memory for incoming ICMPv6 packets.

======================================================================

=========================================================
Serveur de référence du CERT-Renater
https://services.renater.fr/ssi/
==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================