This is a one packet killer.
MS06-007 (Vulnerability in TCP/IP Could Allow Denial of Service) describes a vulnerability in the implementation of the IGMP (Internet Group Management Protocol) version 3 in Microsoft Windows XP and Microsoft Windows 2003.
If successful, an exploit using this vulnerability will freeze the target computer; it will no longer respond and will require a hard reboot. This exploit was tested to work on.
- Windows XP Professional SP0
- Windows XP Professional SP2, firewall off
The exploit, however, failed to work on an XP SP2 installation with the firewall on.
Microsoft’s own advisory recommends blocking all IGMP traffic at the firewall or router. Having a good firewall solution will protect systems from this exploit.