The software maker's confirmation follows public disclosure of the vulnerability by a private security researcher who goes by the moniker "badpack3t."The flaw was reported to Microsoft at 5/4/2005 and they have been working on it since then. Badpack3t says Microsoft informed him a fix would be ready in August. More details at eWeek
In an advisory posted at SecurityProtocols.com, the researcher described the issue as a remote kernel denial-of-service flaw affecting XP SP2, with the default firewall turned on.
Microsoft to fix potentially serious security flaw in Windows XP SP2
Posted on Sunday, July 17 2005 @ 4:35 CEST by Thomas De Maesschalck