Windows 7, Vista, and both Server 2008 versions contain a serious bug which allows code to be injected via a closed udp port. Microsoft has released a patch for the vulnerability fix.
Microsoft has with the release of a patch, waited for his monthly patchronde, indicating that the vulnerability is probably not in the wild being abused. That does not diminish the severity of the vulnerability: allows an attacker able to run code on a system with a recent version of Windows, by a stream of udp packets to a closed port.
That the by Microsoft as ‘critical’ surveys, and vulnerability working properly on closed ports, makes this extra serious, as well as the fact that remote code can be executed. According to Microsoft, the problem is caused by a bug in the tcp/ip stack of recent Windows versions, there is something wrong with the handling of udp packets within memory. Udp is a gegevensprotocol that works on the same level as tcp. In Windows, these are udp packets processed by the tcp/ip stack.
Microsoft has released a patch that should fix the problem. Users of Windows 7, Vista, Server 2008 and Server 2008 R2 should install the patch to themselves from the problem in order to protect users from Server 2003 and XP are not vulnerable. Although Microsoft, the exact details of the vulnerability understandably not made known, to succeed, hackers are often in order to get to know more about a hack by the associated Windows patch to parse.
In addition to the udp leak, three other bugs squashed, including security problems in Windows Mail, and Active Directory, and a denial of service vulnerability in drivers on kernelniveau run. As far as is known, the bug is that by the malware Duqu was abused, has not yet been resolved. The Duqu malware was probably used to companies to spy on, in any case including one in the Netherlands.