Add to del.icio.us     Digg this

Apr. 14, 2007

Yesterday, Microsoft has publicly confirmed that it has "very limited, targeted attacks" against its Windows Server DNS service. Internet potential attackers are trying to exploit a vulnerability in the DNS service that could allow for arbitrary code execution to run with the same privileges as the DNS service itself.

The company said in a security advisory "on Microsoft's Windows 2000 Server and Windows Server 2003, and running the DNS Server Service, an anonymous attacker could potentially exploit the vulnerability by sending a specially-crafted RPC packet to an affected system."

RPC (Remote Procedure Call) is a commonly used protocol that enables remote service requests across a network. To avoid any potential problems, Microsoft is suggesting that Windows Server users disable remote management over RPC capability for DNS Servers through the registry key setting.

A key Microsoft spokesperson said the company will continue to help protect customers by providing an update through its monthly process or out-of-cycle depending on customers' needs.

The DNS hole warning comes during a large increase of other security warnings and various patches from Microsoft. On Tuesday, Microsoft alerted users through five security bulletins, four for the Windows operating system and one for its Content Management Server.

Earlier in April, Microsoft also patched a significant animated cursor hole.

Add to del.icio.us     Digg this

Source: The WHIR