FierceCIOFierceCIOTechWatchFierceMobileITFierceContentManagement   FierceVoIPFierceHealthITFierceFinanceIT

Hackers exploiting unpatched Windows DNS bug

April 12, 2007 — 8:01pm ET
Tools
  • Email
  • Print
  • Comment
  • Digg
  • Reddit
Tags
IT Security
Hacking
Microsoft
Software Patches
Symantec
Software News
exploits
Microsoft Windows

Just a few days after Microsoft issued its customary round of Patch Tuesday fixes, the company has revealed that hackers are now exploiting a yet-unpatched DNS vulnerability. "An anonymous attacker could try to exploit the vulnerability by sending a specially crafted RPC packet to an affected system," Microsoft said in a security advisory. Some security experts are deeming the bug "critical," though it is only being used in limited attacks for the time being. "Customers are advised to…apply the appropriate work-arounds as soon as possible, in the event that the attacks become more widespread," Symantec said in an alert to its security subscribers. The effected versions of Windows are as follows: Windows 2000 Server Service Pack 4, Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2.

For more on the exploit:
- see this ZDnet article
- and this security advisory from Microsoft

Be the first to comment

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.

More information about formatting options

What is 23 + 42?
To combat spam, please solve the math question above.