Barracuda Labs has discovered a vulnerability in the way the DHCPv6 components of Windows handle malformed packets.

Upon the reception of a "malformed” DHCPv6 Reply packet, the RPC server reports a critical error 0xc0000374 and then becomes unresponsive. The results is that a type of denial-of-service attack could be launched and prevent other machines from connecting to the network.

To exploit this vulnerability, an attacker would need to intercept DHCPv6 traffic and send a modified reply with a malformed Domain Search List option. On reception of this malformed packet, RPC on the remote machine would fail.

According to the advisory issued by Barracuda, the vulnerability affects at least Microsoft Windows 7 Ultimate SP1 32 bit & 64 bit and that it is very likely that other versions of Windows 7 (and maybe earlier) are affected.