Wireless locations are a possible target

May 17, 2007 09:13 GMT  ·  By

Windows Vista, Microsoft's most secure Windows platform on the market, can be rendered inoperable via network attacks. A vulnerability in the operating system's network stack exposes Vista to exploits launched from the local network. Because the attacks allow only a Denial of Service and not remote code execution, Microsoft will most likely rate this vulnerability as low severity.

"Microsoft Windows XP and Vista overwrites ARP table entries included in gratuitous ARP, which allows remote attackers to cause a denial of service (loss of network access) by sending a gratuitous ARP for the address of the Vista host," reads the description of the CVE-2007-1531 vulnerability impacting Vista and XP.

The Windows Vista Forged ARP packet Network Stack DoS exploit involves crashing the operating system via a malformed ARP packet. The attack can only be carried out on a local network, but that includes wireless venues. Machines running Windows Vista and Windows XP that are connected to a wireless network could potentially be targeted by Network Stack DoS exploits.

Among the resources that led to the discovery of this vulnerability is a security paper authored by Symantec that focuses on Windows Vista's new protocol stack. The study referenced is "The Teredo Protocol: Tunneling Past Network Security and Other Security Implications."

"As with XP, in Vista if an ARP message is forged so that it appears another host has the same IPv4 address as the Vista host, the network interface will become unusable until reset. We have found this to be the case at least for statically configured addresses. The CVE also seems to refer to our discovery that Vista will allow unsolicited ARP messages to update existing ARP table entries, which can be used as a denial of service or to redirect traffic. Microsoft has tightened the circumstance under which this attack can take place since beta builds," revealed Jim Hoagland, Symantec Principal Security Researcher.
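
A defensive sketch of the behaviour described above, added here as an example and not code from Symantec or Microsoft: it parses raw Ethernet/ARP frames and flags any ARP message that claims a protected host's IPv4 address from a different MAC address. The function names, the static binding table and the sample frames (documentation-range addresses) are constructed assumptions.

```python
import struct
from ipaddress import IPv4Address

ARP_ETHERTYPE = 0x0806

def parse_arp(frame: bytes):
    """Return (opcode, sender_mac, sender_ip, target_ip) for Ethernet/IPv4 ARP, else None."""
    if len(frame) < 42 or struct.unpack("!H", frame[12:14])[0] != ARP_ETHERTYPE:
        return None
    htype, ptype, hlen, plen, oper = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None  # only Ethernet hardware / IPv4 protocol addresses are handled
    return (oper, frame[22:28].hex(":"), str(IPv4Address(frame[28:32])), str(IPv4Address(frame[38:42])))

def audit(frames, bindings):
    """Flag ARP messages that claim a protected IP (bindings: ip -> expected MAC) from another MAC."""
    alerts = []
    for index, frame in enumerate(frames):
        arp = parse_arp(frame)
        if arp is None:
            continue  # not ARP, or truncated
        _oper, mac, sender_ip, target_ip = arp
        expected = bindings.get(sender_ip)
        if expected is not None and mac != expected:
            # sender IP == target IP is the gratuitous form named in the CVE description
            kind = "gratuitous-conflict" if sender_ip == target_ip else "binding-change"
            alerts.append((index, kind, sender_ip, mac))
    return alerts

def sample_frame(oper, mac, sender_ip, target_ip):
    """Build a constructed test frame in memory (nothing is sent on a network)."""
    hw = bytes.fromhex(mac.replace(":", ""))
    arp = (struct.pack("!HHBBH", 1, 0x0800, 6, 4, oper) + hw + IPv4Address(sender_ip).packed
           + bytes(6) + IPv4Address(target_ip).packed)
    return b"\xff" * 6 + hw + struct.pack("!H", ARP_ETHERTYPE) + arp

# Constructed sample data: documentation-range IPs and MACs, not captured traffic.
BINDINGS = {"192.0.2.10": "00:00:5e:00:53:0a"}
SAMPLE = [
    sample_frame(1, "00:00:5e:00:53:0a", "192.0.2.10", "192.0.2.10"),  # host's own announcement
    sample_frame(1, "00:00:5e:00:53:14", "192.0.2.20", "192.0.2.10"),  # ordinary request
    sample_frame(1, "00:00:5e:00:53:99", "192.0.2.10", "192.0.2.10"),  # conflicting gratuitous ARP
    sample_frame(2, "00:00:5e:00:53:99", "192.0.2.10", "192.0.2.20"),  # unsolicited reply, new MAC
    b"\x00" * 20,                                                       # truncated frame, ignored
]

if __name__ == "__main__":
    for alert in audit(SAMPLE, BINDINGS):
        print(alert)
```

The binding table mirrors the statically configured addresses mentioned in the Symantec quote; on a DHCP network it would have to be fed from lease data instead.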