[ insider_reports_insider ]
Microsoft Hunting For DNS Fix
David Utter
Staff Writer
2007-04-13
 Insider Reports RSS Feed
A remote procedure call (RPC) problem with the DNS Server in Windows 2000 and 2003 could permit remote code execution.
 | | Microsoft Hunting For DNS Fix |  |
Microsoft Windows 2000 Professional Service Pack 4, Windows XP Service Pack 2, and Windows Vista are not affected as these versions do not contain the vulnerable code, the company said in its advisory about the problem.
Their initial investigation of limited attack reports has found that an attacker could run code in the security context of the Domain Name System Server Service, which by default runs as Local SYSTEM.
The first signs of active exploitation were noted by security firm eEye on April 7th. "Utilizing RPC functionality designed for remote management, an attacker is able to anonymously cause a stack-based buffer overflow," the company said on their Zero-Day Tracker.
Adrian Stone said on Microsoft's Security Response blog the company is working on a security update; in the meantime, affected customers should implement the workarounds listed in the advisory.
By editing the Registry, system administrators can disable remote management over RPC for DNS servers. Inbound traffic to the range of ports where DNS may be bound can be blocked at the firewall as well.
---
Tags: Microsoft, DNS, Vulnerability, Computer, Security
About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.
More insider_reports_insider Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
