Add or Remove Programs
entry for Sicherheitsupdate fÃ¼r Windows XP (KB899587)
. This is a security update for Windows XP that addresses vulnerabilities in Kerberos that could allow denial of service, information disclosure and spoofing.Kerberos: A denial of service vulnerability exists that could allow an attacker to send a specially crafted message to a Windows domain controller that could cause the service that is responsible for authenticating users in an Active Directory domain to stop responding.
PKINIT: This is an information disclosure and spoofing vulnerability. This vulnerability could allow an attacker to tamper with certain information that is sent from a domain controller and potentially access sensitive client network communication. Users could believe they are accessing a trusted server when in reality they are accessing a malicious server. However, an attacker would first have to inject themselves into the middle of an authentication session between a client and a domain controller.