Thanks Steve. "Numerous vulnerabilities have been reported in multiple vendors' SNMP implementations. These vulnerabilities may allow unauthorized privileged access, denial-of-service attacks, or cause unstable behavior. If your site uses SNMP in any capacity, the CERT/CC encourages you to read this advisory and follow the advice provided in the Solution section below."

All Microsoft implementations of SNMP v1 are affected by the vulnerability. The SNMP v1 service is not installed or running by default on any version of Windows. A patch is under way to eliminate the vulnerability. In the meantime, we recommend that affected customers disable the SNMP v1 service.

An SNMP v1 service ships on the CDs for Windows 95, 98, and 98SE. It is not installed or running by default on any of these platforms. An SNMP v1 is NOT provided for Windows ME. However, it is possible that Windows 98 machines which had the service installed and were upgraded would still have the service. Since SNMP is not supported for WinME, customers in this situation are urged to remove the SNMP service. An SNMP v1 service is available on Windows NT 4.0 (including Terminal Server Edition) and Windows 2000 but is not installed or running by default on any of these platforms.Windows XP does not ship with an SNMP v1 service.