Security 10748 Published by

Unchecked Buffer in Remote Access Service Phonebook Could Lead to Code Execution

On June 12, 2002, Microsoft released the original version of this bulletin. On July 2, 2002, the bulletin was updated to reflect the availability of a revised patch. Although the original patch completely eliminated the vulnerability, it had the side effect of preventing non-administrative users from making VPN connections in some cases. The revised patch correctly handles VPN connections. The revised patch is immediately available from the Download Center
and will be soon made available via WindowsUpdate.

Read more