Cybercrooks exploiting new Windows DNS flaw

section: windows, for your questions: KezNews forum, 13.4.2007

Tip: Click here to update all your PC's outdated drivers

Cybercrooks are using a yet-to-be-patched security flaw in certain Windows versions to attack computers running the operating systems, Microsoft warned late Thursday.

The attacks target Windows 2000 Server and Windows Server 2003 systems through a hole in the Domain Name System, or DNS, service, Microsoft said in a security advisory. The attacks happen by sending rigged data to the service, which by design is meant to help map text-based Internet addresses to numeric Internet protocol addresses.

"An anonymous attacker could try to exploit the vulnerability by sending a specially crafted RPC packet to an affected system," Microsoft said in the advisory. RPC, or Remote Procedure Call, is a protocol applications use to request services from programs on another computer in a network. RPC has been involved in several security bugs before, including in the vulnerability that let the Blaster worm spread.

The French Security Incident Response Team deems the Windows DNS vulnerability "critical," its highest rating.

The DNS and RPC warning comes days after Microsoft issued its April security patches. At the same time security experts have issued warnings on multiple zero-day flaws in Office and another one in Windows.

The latest vulnerability is a stack-based buffer overrun, Microsoft said. This is a common type of coding problem that has caused many headaches for Microsoft and Windows users. A successful attack will give full control over a vulnerable machine without any user interaction, Microsoft said.

source: news.com.com
>> Click Here to Run a Free Scan for PC Errors <<

send email