497 日問題を回避する修正モジュールについて

Article
11/17/2014

皆様、こんにちは。

Windows プラットフォームサポート担当の藤田と申します。

今回は 497 日問題の修正についてお話しさせていただきます。

497 日問題そのものの修正は以下の修正モジュールをご適用いただくことで現象を回避することができます。

================================================================================================

- KB2553549

All the TCP/IP ports that are in a TIME_WAIT status are not closed after 497 days from system startup in Windows Vista, in Windows 7, in Windows Server 2008 and in Windows Server 2008 R2

https://support.microsoft.com/kb/2553549/en-us

================================================================================================

497 日問題は Tcpip.sys そのものと依存関係のあるモジュールに修正が加えられています。

しかし、上記の修正モジュールがリリースされてから、Tcpip.sys の修正もどんどん Update されています。

つまり KB2553549 を適用しなくても、497 日問題を回避することができます。

497 日問題が対処されているか気になったら、以下の修正モジュールが適用されているかどうか、実際に Tcpop.sys　のバージョンは KB2553549 の時のモジュールよりも更新されているかどうかご確認いただけますと幸いです。

KB2553549 の公開情報に Tcpip.sys 以外にも Fwpkclnt.sys のバージョンが更新される旨、記載されておりますが、Tcpip.sys と Fwpkclnt.sys は依存関係にあるモジュールであり、Tcpip.sys のバージョンが更新されると必然的に Fwpkclnt.sys のバージョンも更新されます。

よって、KB2553549 の問題が修正されているかどうか確認するにあたっては、Tcpip.sys のバージョンのみをご確認いただくことで問題ございません。

===============================================

Windows 7

===============================================

Windows 7 では以下のセキュリティパッチによって KB2553549 の tcpip.sys を置き換えています。

--------------------------------------------------------------------------------------------------------------------------------

MS12-032: Vulnerability in TCP/IP could allow elevation of privilege: May 8, 2012

https://support.microsoft.com/kb/2688338/en-us

--------------------------------------------------------------------------------------------------------------------------------

MS13-018: Vulnerability in TCP/IP could allow denial of service: February 12, 2013

https://support.microsoft.com/kb/2790655/en-us

--------------------------------------------------------------------------------------------------------------------------------

セキュリティパッチ以外でも以下の修正モジュールにて KB2553549 の tcpip.sys を置き換えています。

--------------------------------------------------------------------------------------------------------------------------------

Event ID 5719 and event ID 1129 may be logged when a non-Microsoft DHCP Relay Agent is used

https://support.microsoft.com/kb/2459530

--------------------------------------------------------------------------------------------------------------------------------

An IPsec connection to back-end databases from a WTT application times out in Windows 7 or in Windows Server 2008 R2

https://support.microsoft.com/kb/2524732/en-us

--------------------------------------------------------------------------------------------------------------------------------

Slow failover operation if no router exists between the cluster and an application server

https://support.microsoft.com/kb/2582281/en-us

--------------------------------------------------------------------------------------------------------------------------------

TCP/IP packets that are received out of sequence are discarded in Windows 7 or in Windows Server 2008 R2

https://support.microsoft.com/kb/2634907/en-us

--------------------------------------------------------------------------------------------------------------------------------

Multicast packets are dropped in Windows 7 or in Windows Server 2008 R2

https://support.microsoft.com/kb/2639824

--------------------------------------------------------------------------------------------------------------------------------

Slow data transfer speed in Windows 7 or in Windows Server 2008 R2

https://support.microsoft.com/kb/2675785

--------------------------------------------------------------------------------------------------------------------------------

Stop error when a Windows 7-based or Windows Server 2008 R2-based computer crashes randomly

https://support.microsoft.com/kb/2719347/en-us

--------------------------------------------------------------------------------------------------------------------------------

Default gateway is set to 0.0.0.0 if you start a Windows Vista-based, Windows 7-based, Windows Server 2008-based or Windows Server 2008 R2-based computer from an iSCSI boot device

https://support.microsoft.com/kb/2727330/en-us

--------------------------------------------------------------------------------------------------------------------------------

Incorrect time is displayed in a device that uses ICMP to synchronize time information with a Windows 7-based or Windows Server 2008 R2-based computer

https://support.microsoft.com/kb/2733445/en-us

--------------------------------------------------------------------------------------------------------------------------------

TCP SACK option is always set to "true" after you enable the TCP/IP Offloading feature in Windows 7 or in Windows Server 2008 R2

https://support.microsoft.com/kb/2741850/en-us

--------------------------------------------------------------------------------------------------------------------------------

FTP client does not establish a passive-mode FTP connection to an IPv4 FTP server in Windows 7 or in Windows Server 2008 R2

https://support.microsoft.com/kb/2754804/en-us

--------------------------------------------------------------------------------------------------------------------------------

Hotfix enables the configuration of the TCP maximum SYN retransmission amount in Windows 7 or Windows Server 2008 R2

https://support.microsoft.com/kb/2786464

--------------------------------------------------------------------------------------------------------------------------------

Memory leak when an application uses the FwpsNetBufferListAssociateContext0 function in Windows 7 or Windows Server 2008 R2

https://support.microsoft.com/kb/2789378/en-us

--------------------------------------------------------------------------------------------------------------------------------

===============================================

Windows Server 2008 R2

===============================================

Windows Server 2008 R2 では以下のセキュリティパッチによって KB2553549 の tcpip.sys を置き換えています。

--------------------------------------------------------------------------------------------------------------------------------

MS12-032: Vulnerability in TCP/IP could allow elevation of privilege: May 8, 2012

https://support.microsoft.com/kb/2688338/en-us

--------------------------------------------------------------------------------------------------------------------------------

MS13-018: Vulnerability in TCP/IP could allow denial of service: February 12, 2013

https://support.microsoft.com/kb/2790655/en-us

--------------------------------------------------------------------------------------------------------------------------------

セキュリティパッチ以外でも以下の修正モジュールにて KB2553549 の tcpip.sys を置き換えています。

--------------------------------------------------------------------------------------------------------------------------------

Event ID 5719 and event ID 1129 may be logged when a non-Microsoft DHCP Relay Agent is used

https://support.microsoft.com/kb/2459530

--------------------------------------------------------------------------------------------------------------------------------

An IPsec connection to back-end databases from a WTT application times out in Windows 7 or in Windows Server 2008 R2

https://support.microsoft.com/kb/2524732/en-us

--------------------------------------------------------------------------------------------------------------------------------

Slow failover operation if no router exists between the cluster and an application server

https://support.microsoft.com/kb/2582281/en-us

--------------------------------------------------------------------------------------------------------------------------------

TCP/IP packets that are received out of sequence are discarded in Windows 7 or in Windows Server 2008 R2

https://support.microsoft.com/kb/2634907/en-us

--------------------------------------------------------------------------------------------------------------------------------

Multicast packets are dropped in Windows 7 or in Windows Server 2008 R2

https://support.microsoft.com/kb/2639824

--------------------------------------------------------------------------------------------------------------------------------

Slow data transfer speed in Windows 7 or in Windows Server 2008 R2

https://support.microsoft.com/kb/2675785

--------------------------------------------------------------------------------------------------------------------------------

Stop error when a Windows 7-based or Windows Server 2008 R2-based computer crashes randomly

https://support.microsoft.com/kb/2719347/en-us

--------------------------------------------------------------------------------------------------------------------------------

Default gateway is set to 0.0.0.0 if you start a Windows Vista-based, Windows 7-based, Windows Server 2008-based or Windows Server 2008 R2-based computer from an iSCSI boot device

https://support.microsoft.com/kb/2727330/en-us

--------------------------------------------------------------------------------------------------------------------------------

Incorrect time is displayed in a device that uses ICMP to synchronize time information with a Windows 7-based or Windows Server 2008 R2-based computer

https://support.microsoft.com/kb/2733445/en-us

--------------------------------------------------------------------------------------------------------------------------------

TCP SACK option is always set to "true" after you enable the TCP/IP Offloading feature in Windows 7 or in Windows Server 2008 R2

https://support.microsoft.com/kb/2741850/en-us

--------------------------------------------------------------------------------------------------------------------------------

FTP client does not establish a passive-mode FTP connection to an IPv4 FTP server in Windows 7 or in Windows Server 2008 R2

https://support.microsoft.com/kb/2754804/en-us

--------------------------------------------------------------------------------------------------------------------------------

TCP packets sent from Windows Server 2008 R2 are retransmitted when SACK is disabled on the client computer

https://support.microsoft.com/kb/2764305/en-us

--------------------------------------------------------------------------------------------------------------------------------

Data is corrupted when there is insufficient memory on a Windows-based computer

https://support.microsoft.com/kb/2785146/en-us

--------------------------------------------------------------------------------------------------------------------------------

Memory leak when an application uses the FwpsNetBufferListAssociateContext0 function in Windows 7 or Windows Server 2008 R2

https://support.microsoft.com/kb/2789378/en-us

--------------------------------------------------------------------------------------------------------------------------------

Hotfix enables the configuration of the TCP maximum SYN retransmission amount in Windows 7 or Windows Server 2008 R2

https://support.microsoft.com/kb/2786464

--------------------------------------------------------------------------------------------------------------------------------

===============================================

Windows 7 (SP1)

===============================================

Windows 7 (SP1) では以下のセキュリティパッチによって KB2553549 の tcpip.sys を置き換えています。

--------------------------------------------------------------------------------------------------------------------------------

MS12-032: Vulnerability in TCP/IP could allow elevation of privilege: May 8, 2012

https://support.microsoft.com/kb/2688338/en-us

--------------------------------------------------------------------------------------------------------------------------------

MS13-018: Vulnerability in TCP/IP could allow denial of service: February 12, 2013

https://support.microsoft.com/kb/2790655/en-us

--------------------------------------------------------------------------------------------------------------------------------

MS13-049: Vulnerability in kernel-mode driver could allow denial of service: June 11, 2013

https://support.microsoft.com/kb/2845690/en-us

--------------------------------------------------------------------------------------------------------------------------------

MS13-065: Vulnerability in ICMPv6 could allow denial of service: August 13, 2013

https://support.microsoft.com/kb/2868623/en-us

--------------------------------------------------------------------------------------------------------------------------------

MS14-031: Description of the security update for TCP for Windows: June 10, 2014

https://support.microsoft.com/kb/2957189/en-us

--------------------------------------------------------------------------------------------------------------------------------

セキュリティパッチ以外でも以下の修正モジュールにて KB2553549 の tcpip.sys を置き換えています。

--------------------------------------------------------------------------------------------------------------------------------

Event ID 5719 and event ID 1129 may be logged when a non-Microsoft DHCP Relay Agent is used

https://support.microsoft.com/kb/2459530

--------------------------------------------------------------------------------------------------------------------------------

An IPsec connection to back-end databases from a WTT application times out in Windows 7 or in Windows Server 2008 R2

https://support.microsoft.com/kb/2524732/en-us

--------------------------------------------------------------------------------------------------------------------------------

Slow failover operation if no router exists between the cluster and an application server

https://support.microsoft.com/kb/2582281/en-us

--------------------------------------------------------------------------------------------------------------------------------

TCP/IP packets that are received out of sequence are discarded in Windows 7 or in Windows Server 2008 R2

https://support.microsoft.com/kb/2634907/en-us

--------------------------------------------------------------------------------------------------------------------------------

Multicast packets are dropped in Windows 7 or in Windows Server 2008 R2

https://support.microsoft.com/kb/2639824

--------------------------------------------------------------------------------------------------------------------------------

Slow data transfer speed in Windows 7 or in Windows Server 2008 R2

https://support.microsoft.com/kb/2675785

--------------------------------------------------------------------------------------------------------------------------------

Stop error when a Windows 7-based or Windows Server 2008 R2-based computer crashes randomly

https://support.microsoft.com/kb/2719347/en-us

--------------------------------------------------------------------------------------------------------------------------------

Default gateway is set to 0.0.0.0 if you start a Windows Vista-based, Windows 7-based, Windows Server 2008-based or Windows Server 2008 R2-based computer from an iSCSI boot device

https://support.microsoft.com/kb/2727330/en-us

--------------------------------------------------------------------------------------------------------------------------------

Incorrect time is displayed in a device that uses ICMP to synchronize time information with a Windows 7-based or Windows Server 2008 R2-based computer

https://support.microsoft.com/kb/2733445/en-us

--------------------------------------------------------------------------------------------------------------------------------

TCP SACK option is always set to "true" after you enable the TCP/IP Offloading feature in Windows 7 or in Windows Server 2008 R2

https://support.microsoft.com/kb/2741850/en-us

--------------------------------------------------------------------------------------------------------------------------------

FTP client does not establish a passive-mode FTP connection to an IPv4 FTP server in Windows 7 or in Windows Server 2008 R2

https://support.microsoft.com/kb/2754804/en-us

--------------------------------------------------------------------------------------------------------------------------------

Memory leak when an application uses the FwpsNetBufferListAssociateContext0 function in Windows 7 or Windows Server 2008 R2

https://support.microsoft.com/kb/2789378/en-us

--------------------------------------------------------------------------------------------------------------------------------

Hotfix enables the configuration of the TCP maximum SYN retransmission amount in Windows 7 or Windows Server 2008 R2

https://support.microsoft.com/kb/2786464

--------------------------------------------------------------------------------------------------------------------------------

MS13-018: Vulnerability in TCP/IP could allow denial of service: February 12, 2013

https://support.microsoft.com/kb/2790655/en-us

--------------------------------------------------------------------------------------------------------------------------------

===============================================

Windows Server 2008 R2 (SP1)

===============================================

Windows Server 2008 R2 (SP1) では以下のセキュリティパッチによって KB2553549 の tcpip.sys を置き換えています。

--------------------------------------------------------------------------------------------------------------------------------

MS12-032: Vulnerability in TCP/IP could allow elevation of privilege: May 8, 2012

https://support.microsoft.com/kb/2688338/en-us

--------------------------------------------------------------------------------------------------------------------------------

MS13-018: Vulnerability in TCP/IP could allow denial of service: February 12, 2013

https://support.microsoft.com/kb/2790655/en-us

--------------------------------------------------------------------------------------------------------------------------------

MS13-049: Vulnerability in kernel-mode driver could allow denial of service: June 11, 2013

https://support.microsoft.com/kb/2845690/en-us

--------------------------------------------------------------------------------------------------------------------------------

MS13-065: Vulnerability in ICMPv6 could allow denial of service: August 13, 2013

https://support.microsoft.com/kb/2868623/en-us

--------------------------------------------------------------------------------------------------------------------------------

MS14-031: Description of the security update for TCP for Windows: June 10, 2014

https://support.microsoft.com/kb/2957189/en-us

--------------------------------------------------------------------------------------------------------------------------------

セキュリティパッチ以外でも以下の修正モジュールにて KB2553549 の tcpip.sys を置き換えています。

--------------------------------------------------------------------------------------------------------------------------------

Event ID 5719 and event ID 1129 may be logged when a non-Microsoft DHCP Relay Agent is used

https://support.microsoft.com/kb/2459530

--------------------------------------------------------------------------------------------------------------------------------

An IPsec connection to back-end databases from a WTT application times out in Windows 7 or in Windows Server 2008 R2

https://support.microsoft.com/kb/2524732/en-us

--------------------------------------------------------------------------------------------------------------------------------

Slow failover operation if no router exists between the cluster and an application server

https://support.microsoft.com/kb/2582281/en-us

--------------------------------------------------------------------------------------------------------------------------------

TCP/IP packets that are received out of sequence are discarded in Windows 7 or in Windows Server 2008 R2

https://support.microsoft.com/kb/2634907/en-us

--------------------------------------------------------------------------------------------------------------------------------

Multicast packets are dropped in Windows 7 or in Windows Server 2008 R2

https://support.microsoft.com/kb/2639824

--------------------------------------------------------------------------------------------------------------------------------

Slow data transfer speed in Windows 7 or in Windows Server 2008 R2

https://support.microsoft.com/kb/2675785

--------------------------------------------------------------------------------------------------------------------------------

Stop error when a Windows 7-based or Windows Server 2008 R2-based computer crashes randomly

https://support.microsoft.com/kb/2719347/en-us

--------------------------------------------------------------------------------------------------------------------------------

Default gateway is set to 0.0.0.0 if you start a Windows Vista-based, Windows 7-based, Windows Server 2008-based or Windows Server 2008 R2-based computer from an iSCSI boot device

https://support.microsoft.com/kb/2727330/en-us

--------------------------------------------------------------------------------------------------------------------------------

Incorrect time is displayed in a device that uses ICMP to synchronize time information with a Windows 7-based or Windows Server 2008 R2-based computer

https://support.microsoft.com/kb/2733445/en-us

--------------------------------------------------------------------------------------------------------------------------------

TCP SACK option is always set to "true" after you enable the TCP/IP Offloading feature in Windows 7 or in Windows Server 2008 R2

https://support.microsoft.com/kb/2741850/en-us

--------------------------------------------------------------------------------------------------------------------------------

FTP client does not establish a passive-mode FTP connection to an IPv4 FTP server in Windows 7 or in Windows Server 2008 R2

https://support.microsoft.com/kb/2754804/en-us

--------------------------------------------------------------------------------------------------------------------------------

TCP packets sent from Windows Server 2008 R2 are retransmitted when SACK is disabled on the client computer

https://support.microsoft.com/kb/2764305/en-us

--------------------------------------------------------------------------------------------------------------------------------

Data is corrupted when there is insufficient memory on a Windows-based computer

https://support.microsoft.com/kb/2785146/en-us

--------------------------------------------------------------------------------------------------------------------------------

Hotfix enables the configuration of the TCP maximum SYN retransmission amount in Windows 7 or Windows Server 2008 R2

https://support.microsoft.com/kb/2786464

--------------------------------------------------------------------------------------------------------------------------------

Memory leak when an application uses the FwpsNetBufferListAssociateContext0 function in Windows 7 or Windows Server 2008 R2

https://support.microsoft.com/kb/2789378/en-us

--------------------------------------------------------------------------------------------------------------------------------

497 日問題を回避する修正モジュールについて

Additional resources