Security Update: Vulnerability in DNS Resolution Could Allow Remote Code Execution (2509553)
Breaks PPTP VPN access through RAS on a ISA 2006 Server
- From client side (Windows 7 x64 workstation) the error message is:
- From server side:
- There are no any errors in System or Application even logs.
- Log on process from local console or Remote Desktop is unresponsive and takes long time sometimes.
- “Task Manager” hangs up when switching to “Networking” tab sometimes.
- “Routing and Remote Access” MMC console does not show any available VPN ports or routing table (it seems that RRAS process not working as expected).
- When capturing network traffic on ISA server between VPN client and ISA, it seems that ISA server does not replay to “GRE LCP:Configure-Request” packets.
- After server restart all is working fine:
- “Routing and Remote Access” MMC console shows available VPN ports and VPN clients connect normally.
- When capturing network traffic on ISA server between VPN client and ISA, ISA server replays to first “GRE LCP:Configure-Request” packet.
- After some time (1-12 hours) the issue reappears again.
- uninstall security update: Vulnerability in DNS Resolution Could Allow Remote Code Execution (2509553) http://support.microsoft.com/kb/2509553 (for Windows Server 2003 Service Pack 2 aggregate severity rating is “Important” not “Critical”).