Trustwave Protections Deployed: MS11-083

Last week, it was Microsoft's Patch Tuesday! For November, Microsoft released one "critical" bulletin, two "important," and one "moderate." The most critical, MS11-083 (CVE-2011-2013), covers a flaw in the TCP/IP implementation that possibly allows remote code execution by an attacker flooding a vulnerable OS with crafted UDP packets.

Trustwave SpiderLabs has investigated the MS11-083 threat, and the team has implemented protections for our Intrusion Detection System (IDS) platforms. The deployed solution relies on detecting unusual ICMP traffic associated with this attack. Trustwave offers a variety of security products to protect against the latest threats; the coverage for MS11-083 is listed below.

Trustwave Coverage for MS11-083
Product | Threat Mitigation
Internal Vulnerability Scanner | N/A
External Vulnerability Scanner | N/A
Intrusion Detection System / Intrusion Prevention System (IDS/IPS) | Signature deployed on 11-14-2011 to detect suspicious ICMP traffic.
Network Access Control (NAC) | N/A

Microsoft has released a security update for this vulnerability. For additional information about this exploit and the affected operating systems, please visit
