Microsoft patches reverse-engineered to create DoS attack

Tools

Security vendor Qualys this week demonstrated how it reverse-engineered a Microsoft (NASDAQ: MSFT) patch to successfully create a denial-of-service attack against a Windows DNS server.

What's unsettling here is that the vulnerability targeted by Qualys (MS11-058) was tagged by Microsoft as "unlikely to see exploits developed in next 30 days."

The steps were outlined by Qualys vulnerability security engineer Bharat Jogi in a blog post that detailed the entire procedure--starting from a patch analysis to better understand the changes made by the software update.

As reported on Network World, "the patch that Qualys used closed two holes in Windows DNS Server and was rated critical, Microsoft's most severe security rating."

Jogi wrote the blog post Aug. 23, just two weeks after Microsoft's release of this month's Patch Tuesday. While the DoS exploit put together by Qualys does not spell imminent danger to businesses, the company argues that attackers with malicious intent "may be able to get reliable code execution." 

While it is ironic that the release of the patch actually contributed to the attack vector, the takeaway here is that companies must take Patch Tuesday seriously and deploy security updates as soon as they are able to.

For more:
- check out this blog post at Qualys
- check out this article at Network World

Related Articles:
Microsoft to issue record number of security bulletins next Tuesday

Report: Improper SSL implementations are widespread