Add or Remove Programs entry for Security Update for Windows XP (KB899587).
This security update for Windows XP addresses vulnerabilities in Kerberos that could allow denial of service, information disclosure and spoofing.
Kerberos Vulnerability: A denial of service vulnerability exists that could allow an attacker to send a specially crafted message to a Windows domain controller that could cause the service that is responsible for authenticating users in an Active Directory domain to stop responding.
PKINIT Vulnerability: This is an information disclosure and spoofing vulnerability. This vulnerability could allow an attacker to tamper with certain information that is sent from a domain controller and potentially access sensitive client network communication. Users could believe they are accessing a trusted server when in reality they are accessing a malicious server. However, an attacker would first have to inject themselves into the middle of an authentication session between a client and a domain controller.