Article ID: 309073
Article Last Modified on 4/19/2007
APPLIES TO
- Microsoft Windows XP Home Edition
- Microsoft Windows XP Professional
- Microsoft Windows 98 Second Edition
- Microsoft Windows 98 Standard Edition
This article was previously published under Q309073
For additional information on how this vulnerability affects Windows Millennium (Me), click the following article number to view the article in the Microsoft Knowledge Base:
311311 Invalid Universal Plug and Play Request can Disrupt System Operation
SYMPTOMS
By sending a particular set of commands to an affected Windows XP computer, an attacker could gradually deplete resources on the system to the point where performance could be slowed or stopped altogether.
There are a number of important restrictions affecting this vulnerability:
- Windows NT 4.0 and Windows 2000 are not affected at all by the vulnerability.
- On Windows XP, the affected component is installed and running by default, but Internet Connection Firewall significantly reduces an attacker's ability to locate the computer.
- If you install the Windows XP Internet Connection Sharing service on a Windows 98-based or Windows 98 SE-based computer.
CAUSE
The vulnerability results because the Universal Plug and Play (UPnP) service that either ships with or can be installed on Windows XP does not correctly handle certain requests. In Windows XP, these requests can cause a memory leak that, if exploited repeatedly, could deplete system resources to the point where the system performance was degraded.
The Universal Plug and Play (UPnP) service will be installed if you install the Windows XP Internet Connection Sharing service on a Windows 98-based or Windows 98 SE-based computer.
RESOLUTION
Windows XP
To resolve this problem, obtain the latest service pack for Windows XP. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:
322389 How to obtain the latest Windows XP service pack
This update is available on the Microsoft Windows Update Web site.
Release Date: October 25, 2001
For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591 How to obtain Microsoft support files from online services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file.
The English version of this fix should have the following file attributes or later:
Date Time Version Size File name ---------------------------------------------------- 03-Oct-2001 13:17 5.1.2600.15 26,624 Ssdpapi.dll 03-Oct-2001 13:17 5.1.2600.15 40,960 Ssdpsrv.dll
Windows 98 or Windows 98 SE
A supported hotfix is now available from Microsoft, but it is only intended to correct the problem that this article describes. Apply it only to systems that you determine are at risk of attack. Evaluate the computer's physical accessibility, network and Internet connectivity, and other factors to determine the degree of risk to the computer. See the associated Microsoft Security Bulletin to help determine the degree of risk. This hotfix may receive additional testing. If the computer is sufficiently at risk, we recommend that you apply this hotfix now.
To resolve this problem immediately, download the hotfix by following the instructions later in this article or contact Microsoft Product Support Services to obtain the hotfix. For a complete list of Microsoft Product Support Services telephone numbers and information about support costs, visit the following Microsoft Web site:
Note In special cases, charges that are ordinarily incurred for support calls may be canceled, if a Microsoft Support Professional determines that a specific update will resolve your problem. The usual support costs will apply to additional support questions and issues that do not qualify for the specific update in question.
Download the "Windows 98 & 98SE Security Patch: Invalid Universal Plug and Play Request can Disrupt System Operation" now
Release Date: October 29, 2001
For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591 How to Obtain Microsoft Support Files from Online Services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file.
The English version of this fix should have the following file attributes or later:
Date Time Version Size File name ---------------------------------------------------- 28-Sept-2001 04:52 4.90.3002.0 38,672 Ssdpapi.dll 28-Sept-2001 04:53 4.90.3002.0 56,592 Ssdpsrv.dll 28-Sept-2001 04:53 4.90.3002.0 128,272 Upnp.dll
STATUS
Windows XP
Microsoft has confirmed that this problem may cause a degree of security vulnerability in Microsoft Windows XP. This problem was first corrected in Windows XP Service Pack 1.
Windows 98 or Windows 98 SE
Microsoft has confirmed that this problem may cause a degree of security vulnerability in Windows 98 and Windows 98 SE.
MORE INFORMATION
For more information on this vulnerability, see the following Microsoft Web site:
Additional query words: denial of service vulnerability DoS security_patch
Keywords: kbhotfixserver kbqfe kbbug kbfix kbnetwork kbsecdos kbsechack kbsecurity kbsecvulnerability kbwinxpsp1fix KB309073