497 日問題を回避する修正モジュールについて


皆様、こんにちは。

Windows プラットフォーム サポート担当の藤田と申します。

今回は 497 日問題の修正についてお話しさせていただきます。

497 日問題そのものの修正は以下の修正モジュールをご適用いただくことで現象を回避することができます。

================================================================================================

– KB2553549

All the TCP/IP ports that are in a TIME_WAIT status are not closed after 497 days from system startup in Windows Vista, in Windows 7, in Windows Server 2008 and in Windows Server 2008 R2

http://support.microsoft.com/kb/2553549/en-us

================================================================================================

497 日問題は Tcpip.sys そのものと依存関係のあるモジュールに修正が加えられています。

しかし、上記の修正モジュールがリリースされてから、Tcpip.sys の修正もどんどん Update されています。

つまり KB2553549 を適用しなくても、497 日問題を回避することができます。

 

 

497 日問題が対処されているか気になったら、以下の修正モジュールが適用されているかどうか、実際に Tcpop.sys のバージョンは KB2553549 の時のモジュールよりも更新されているかどうかご確認いただけますと幸いです。

KB2553549 の公開情報に Tcpip.sys 以外にも Fwpkclnt.sys のバージョンが更新される旨、記載されておりますが、Tcpip.sys Fwpkclnt.sys は依存関係にあるモジュールであり、Tcpip.sys のバージョンが更新されると必然的に Fwpkclnt.sys のバージョンも更新されます。

よって、KB2553549 の問題が修正されているかどうか確認するにあたっては、Tcpip.sys のバージョンのみをご確認いただくことで問題ございません。

 

===============================================

Windows 7

===============================================

Windows 7 では以下のセキュリティパッチによって KB2553549 の tcpip.sys を置き換えています。

——————————————————————————————————————————–

MS12-032: Vulnerability in TCP/IP could allow elevation of privilege: May 8, 2012

 

http://support.microsoft.com/kb/2688338/en-us

——————————————————————————————————————————–

MS13-018: Vulnerability in TCP/IP could allow denial of service: February 12, 2013

 

http://support.microsoft.com/kb/2790655/en-us

——————————————————————————————————————————–

 

 

セキュリティパッチ以外でも以下の修正モジュールにて KB2553549 の tcpip.sys を置き換えています。

——————————————————————————————————————————–

Event ID 5719 and event ID 1129 may be logged when a non-Microsoft DHCP Relay Agent is used

 

http://support.microsoft.com/kb/2459530

——————————————————————————————————————————–

An IPsec connection to back-end databases from a WTT application times out in Windows 7 or in Windows Server 2008 R2

 

http://support.microsoft.com/kb/2524732/en-us

——————————————————————————————————————————–

Slow failover operation if no router exists between the cluster and an application server

 

http://support.microsoft.com/kb/2582281/en-us

——————————————————————————————————————————–

TCP/IP packets that are received out of sequence are discarded in Windows 7 or in Windows Server 2008 R2

 

http://support.microsoft.com/kb/2634907/en-us

——————————————————————————————————————————–

Multicast packets are dropped in Windows 7 or in Windows Server 2008 R2

 

http://support.microsoft.com/kb/2639824

——————————————————————————————————————————–

Slow data transfer speed in Windows 7 or in Windows Server 2008 R2

 

http://support.microsoft.com/kb/2675785

——————————————————————————————————————————–

Stop error when a Windows 7-based or Windows Server 2008 R2-based computer crashes randomly

 

http://support.microsoft.com/kb/2719347/en-us

——————————————————————————————————————————–

Default gateway is set to 0.0.0.0 if you start a Windows Vista-based, Windows 7-based, Windows Server 2008-based or Windows Server 2008 R2-based computer from an iSCSI boot device

 

http://support.microsoft.com/kb/2727330/en-us

——————————————————————————————————————————–

Incorrect time is displayed in a device that uses ICMP to synchronize time information with a Windows 7-based or Windows Server 2008 R2-based computer

 

http://support.microsoft.com/kb/2733445/en-us

——————————————————————————————————————————–

TCP SACK option is always set to "true" after you enable the TCP/IP Offloading feature in Windows 7 or in Windows Server 2008 R2

 

http://support.microsoft.com/kb/2741850/en-us

——————————————————————————————————————————–

FTP client does not establish a passive-mode FTP connection to an IPv4 FTP server in Windows 7 or in Windows Server 2008 R2

 

http://support.microsoft.com/kb/2754804/en-us

——————————————————————————————————————————–

Hotfix enables the configuration of the TCP maximum SYN retransmission amount in Windows 7 or Windows Server 2008 R2

 

http://support.microsoft.com/kb/2786464

——————————————————————————————————————————–

Memory leak when an application uses the FwpsNetBufferListAssociateContext0 function in Windows 7 or Windows Server 2008 R2

 

http://support.microsoft.com/kb/2789378/en-us

——————————————————————————————————————————–

 

 

 

===============================================

Windows Server 2008 R2

===============================================

Windows Server 2008 R2 では以下のセキュリティパッチによって KB2553549 の tcpip.sys を置き換えています。

 

——————————————————————————————————————————–

MS12-032: Vulnerability in TCP/IP could allow elevation of privilege: May 8, 2012

 

http://support.microsoft.com/kb/2688338/en-us

——————————————————————————————————————————–

MS13-018: Vulnerability in TCP/IP could allow denial of service: February 12, 2013

 

http://support.microsoft.com/kb/2790655/en-us

——————————————————————————————————————————–

 

 

セキュリティパッチ以外でも以下の修正モジュールにて KB2553549 の tcpip.sys を置き換えています。

——————————————————————————————————————————–

Event ID 5719 and event ID 1129 may be logged when a non-Microsoft DHCP Relay Agent is used

 

http://support.microsoft.com/kb/2459530

——————————————————————————————————————————–

An IPsec connection to back-end databases from a WTT application times out in Windows 7 or in Windows Server 2008 R2

 

http://support.microsoft.com/kb/2524732/en-us

——————————————————————————————————————————–

Slow failover operation if no router exists between the cluster and an application server

 

http://support.microsoft.com/kb/2582281/en-us

——————————————————————————————————————————–

TCP/IP packets that are received out of sequence are discarded in Windows 7 or in Windows Server 2008 R2

 

http://support.microsoft.com/kb/2634907/en-us

——————————————————————————————————————————–

Multicast packets are dropped in Windows 7 or in Windows Server 2008 R2

 

http://support.microsoft.com/kb/2639824

——————————————————————————————————————————–

Slow data transfer speed in Windows 7 or in Windows Server 2008 R2

 

http://support.microsoft.com/kb/2675785

——————————————————————————————————————————–

Stop error when a Windows 7-based or Windows Server 2008 R2-based computer crashes randomly

 

http://support.microsoft.com/kb/2719347/en-us

——————————————————————————————————————————–

Default gateway is set to 0.0.0.0 if you start a Windows Vista-based, Windows 7-based, Windows Server 2008-based or Windows Server 2008 R2-based computer from an iSCSI boot device

 

http://support.microsoft.com/kb/2727330/en-us

——————————————————————————————————————————–

Incorrect time is displayed in a device that uses ICMP to synchronize time information with a Windows 7-based or Windows Server 2008 R2-based computer

 

http://support.microsoft.com/kb/2733445/en-us

——————————————————————————————————————————–

TCP SACK option is always set to "true" after you enable the TCP/IP Offloading feature in Windows 7 or in Windows Server 2008 R2

 

http://support.microsoft.com/kb/2741850/en-us

——————————————————————————————————————————–

FTP client does not establish a passive-mode FTP connection to an IPv4 FTP server in Windows 7 or in Windows Server 2008 R2

 

http://support.microsoft.com/kb/2754804/en-us

——————————————————————————————————————————–

TCP packets sent from Windows Server 2008 R2 are retransmitted when SACK is disabled on the client computer

 

http://support.microsoft.com/kb/2764305/en-us

——————————————————————————————————————————–

Data is corrupted when there is insufficient memory on a Windows-based computer

 

http://support.microsoft.com/kb/2785146/en-us

——————————————————————————————————————————–

Memory leak when an application uses the FwpsNetBufferListAssociateContext0 function in Windows 7 or Windows Server 2008 R2

 

http://support.microsoft.com/kb/2789378/en-us

——————————————————————————————————————————–

Hotfix enables the configuration of the TCP maximum SYN retransmission amount in Windows 7 or Windows Server 2008 R2

 

http://support.microsoft.com/kb/2786464

——————————————————————————————————————————–

 

 

 

===============================================

Windows 7 (SP1)

===============================================

Windows 7 (SP1) では以下のセキュリティパッチによって KB2553549 の tcpip.sys を置き換えています。

——————————————————————————————————————————–

MS12-032: Vulnerability in TCP/IP could allow elevation of privilege: May 8, 2012

 

http://support.microsoft.com/kb/2688338/en-us

——————————————————————————————————————————–

MS13-018: Vulnerability in TCP/IP could allow denial of service: February 12, 2013

 

http://support.microsoft.com/kb/2790655/en-us

——————————————————————————————————————————–

MS13-049: Vulnerability in kernel-mode driver could allow denial of service: June 11, 2013

 

http://support.microsoft.com/kb/2845690/en-us

——————————————————————————————————————————–

MS13-065: Vulnerability in ICMPv6 could allow denial of service: August 13, 2013

 

http://support.microsoft.com/kb/2868623/en-us

——————————————————————————————————————————–

MS14-031: Description of the security update for TCP for Windows: June 10, 2014

 

http://support.microsoft.com/kb/2957189/en-us

——————————————————————————————————————————–

 

 

セキュリティパッチ以外でも以下の修正モジュールにて KB2553549 の tcpip.sys を置き換えています。

——————————————————————————————————————————–

Event ID 5719 and event ID 1129 may be logged when a non-Microsoft DHCP Relay Agent is used

 

http://support.microsoft.com/kb/2459530

——————————————————————————————————————————–

An IPsec connection to back-end databases from a WTT application times out in Windows 7 or in Windows Server 2008 R2

 

http://support.microsoft.com/kb/2524732/en-us

——————————————————————————————————————————–

Slow failover operation if no router exists between the cluster and an application server

 

http://support.microsoft.com/kb/2582281/en-us

——————————————————————————————————————————–

TCP/IP packets that are received out of sequence are discarded in Windows 7 or in Windows Server 2008 R2

 

http://support.microsoft.com/kb/2634907/en-us

——————————————————————————————————————————–

Multicast packets are dropped in Windows 7 or in Windows Server 2008 R2

 

http://support.microsoft.com/kb/2639824

——————————————————————————————————————————–

Slow data transfer speed in Windows 7 or in Windows Server 2008 R2

 

http://support.microsoft.com/kb/2675785

——————————————————————————————————————————–

Stop error when a Windows 7-based or Windows Server 2008 R2-based computer crashes randomly

 

http://support.microsoft.com/kb/2719347/en-us

——————————————————————————————————————————–

Default gateway is set to 0.0.0.0 if you start a Windows Vista-based, Windows 7-based, Windows Server 2008-based or Windows Server 2008 R2-based computer from an iSCSI boot device

 

http://support.microsoft.com/kb/2727330/en-us

——————————————————————————————————————————–

Incorrect time is displayed in a device that uses ICMP to synchronize time information with a Windows 7-based or Windows Server 2008 R2-based computer

 

http://support.microsoft.com/kb/2733445/en-us

——————————————————————————————————————————–

TCP SACK option is always set to "true" after you enable the TCP/IP Offloading feature in Windows 7 or in Windows Server 2008 R2

 

http://support.microsoft.com/kb/2741850/en-us

——————————————————————————————————————————–

FTP client does not establish a passive-mode FTP connection to an IPv4 FTP server in Windows 7 or in Windows Server 2008 R2

 

http://support.microsoft.com/kb/2754804/en-us

——————————————————————————————————————————–

Memory leak when an application uses the FwpsNetBufferListAssociateContext0 function in Windows 7 or Windows Server 2008 R2

 

http://support.microsoft.com/kb/2789378/en-us

——————————————————————————————————————————–

Hotfix enables the configuration of the TCP maximum SYN retransmission amount in Windows 7 or Windows Server 2008 R2

 

http://support.microsoft.com/kb/2786464

——————————————————————————————————————————–

MS13-018: Vulnerability in TCP/IP could allow denial of service: February 12, 2013

 

http://support.microsoft.com/kb/2790655/en-us

——————————————————————————————————————————–

 

 

 

===============================================

Windows Server 2008 R2 (SP1)

===============================================

Windows Server 2008 R2 (SP1) では以下のセキュリティパッチによって KB2553549 の tcpip.sys を置き換えています。

 

——————————————————————————————————————————–

MS12-032: Vulnerability in TCP/IP could allow elevation of privilege: May 8, 2012

 

http://support.microsoft.com/kb/2688338/en-us

——————————————————————————————————————————–

MS13-018: Vulnerability in TCP/IP could allow denial of service: February 12, 2013

 

http://support.microsoft.com/kb/2790655/en-us

——————————————————————————————————————————–

MS13-049: Vulnerability in kernel-mode driver could allow denial of service: June 11, 2013

 

http://support.microsoft.com/kb/2845690/en-us

——————————————————————————————————————————–

MS13-065: Vulnerability in ICMPv6 could allow denial of service: August 13, 2013

 

http://support.microsoft.com/kb/2868623/en-us

——————————————————————————————————————————–

MS14-031: Description of the security update for TCP for Windows: June 10, 2014

 

http://support.microsoft.com/kb/2957189/en-us

——————————————————————————————————————————–

 

 

セキュリティパッチ以外でも以下の修正モジュールにて KB2553549 の tcpip.sys を置き換えています。

——————————————————————————————————————————–

Event ID 5719 and event ID 1129 may be logged when a non-Microsoft DHCP Relay Agent is used

 

http://support.microsoft.com/kb/2459530

——————————————————————————————————————————–

An IPsec connection to back-end databases from a WTT application times out in Windows 7 or in Windows Server 2008 R2

 

http://support.microsoft.com/kb/2524732/en-us

——————————————————————————————————————————–

Slow failover operation if no router exists between the cluster and an application server

 

http://support.microsoft.com/kb/2582281/en-us

——————————————————————————————————————————–

TCP/IP packets that are received out of sequence are discarded in Windows 7 or in Windows Server 2008 R2

 

http://support.microsoft.com/kb/2634907/en-us

——————————————————————————————————————————–

Multicast packets are dropped in Windows 7 or in Windows Server 2008 R2

 

http://support.microsoft.com/kb/2639824

——————————————————————————————————————————–

Slow data transfer speed in Windows 7 or in Windows Server 2008 R2

 

http://support.microsoft.com/kb/2675785

——————————————————————————————————————————–

Stop error when a Windows 7-based or Windows Server 2008 R2-based computer crashes randomly

 

http://support.microsoft.com/kb/2719347/en-us

——————————————————————————————————————————–

Default gateway is set to 0.0.0.0 if you start a Windows Vista-based, Windows 7-based, Windows Server 2008-based or Windows Server 2008 R2-based computer from an iSCSI boot device

 

http://support.microsoft.com/kb/2727330/en-us

——————————————————————————————————————————–

Incorrect time is displayed in a device that uses ICMP to synchronize time information with a Windows 7-based or Windows Server 2008 R2-based computer

 

http://support.microsoft.com/kb/2733445/en-us

——————————————————————————————————————————–

TCP SACK option is always set to "true" after you enable the TCP/IP Offloading feature in Windows 7 or in Windows Server 2008 R2

 

http://support.microsoft.com/kb/2741850/en-us

——————————————————————————————————————————–

FTP client does not establish a passive-mode FTP connection to an IPv4 FTP server in Windows 7 or in Windows Server 2008 R2

 

http://support.microsoft.com/kb/2754804/en-us

——————————————————————————————————————————–

TCP packets sent from Windows Server 2008 R2 are retransmitted when SACK is disabled on the client computer

 

http://support.microsoft.com/kb/2764305/en-us

——————————————————————————————————————————–

Data is corrupted when there is insufficient memory on a Windows-based computer

 

http://support.microsoft.com/kb/2785146/en-us

——————————————————————————————————————————–

Hotfix enables the configuration of the TCP maximum SYN retransmission amount in Windows 7 or Windows Server 2008 R2

 

http://support.microsoft.com/kb/2786464

——————————————————————————————————————————–

Memory leak when an application uses the FwpsNetBufferListAssociateContext0 function in Windows 7 or Windows Server 2008 R2

 

http://support.microsoft.com/kb/2789378/en-us

——————————————————————————————————————————–

 


Comments (0)

Skip to main content