Microsoft DNS Server Attacks Continue
In an advisory this morning borrowing language used during previous statements about completely different exploits, Microsoft's Security Response Center team confirmed that it has seen at least one new wave of attacks based on proof-of-concept code impacting its DNS server software in Windows Server-based systems.
windows -
comments -
17.4.2007 Microsoft DNS Server Attacks Continue
In an advisory this morning borrowing language used during previous statements about completely different exploits, Microsoft's Security Response Center team confirmed that it has seen at least one new wave of attacks based on proof-of-concept code impacting its DNS server software in Windows Server-based systems.
windows -
comments -
17.4.2007 Microsoft Security Advisory 935964: Vulnerability in RPC on Windows DNS Server Could Allow Remote Code Execution
Microsoft is investigating new public reports of a limited attack exploiting a vulnerability in the Domain Name System (DNS) Server Service in Microsoft Windows 2000 Server Service Pack 4, Windows Server 2003 Service Pack 1, and Windows Server 2003 Service Pack 2.
windows -
comments -
14.4.2007 Windows Vista Patch for DNS client
Microsoft just released a Windows Vista Patch.
windows -
comments -
28.2.2007 Cybercrooks exploiting new Windows DNS flaw
Cybercrooks are using a yet-to-be-patched security flaw in certain Windows versions to attack computers running the operating systems, Microsoft warned late Thursday.
windows -
comments -
13.4.2007 Microsoft: DNS Vulnerability Not in Vista or XP
Microsoft has denied that the critical vulnerability affecting RPC on Windows Domain Name System Server is also found in Windows Vista or Windows XP Service Pack 2.
windows -
comments -
24.4.2007 Microsoft preps 133 patches for Windows DNS hole
Microsoft plans to have a fix for the recently disclosed Windows Domain Name System service flaw available by its May 8 patch day at the latest.
windows -
comments -
23.4.2007 Two Unofficial IE Patches Block Attacks
eWeek reports that two well-respected Internet security companies (eEye and Determina) have released unofficial patches to correct the vulnerability being exploited to load spyware, bots and Trojan downloaders on Windows machines.
microsoft -
comments -
29.3.2006 Uptick in Windows attacks reported
Several security experts are warning of increased cyberattacks targeting Windows PCs, but Microsoft says all is calm on the attack front.
windows -
comments -
3.9.2006 Researcher to Demonstrate Vista Attacks
A security researcher will show hackers new ways to defeat Vista's BitLocker drive encryption.
windows -
comments -
1.5.2007 Legitimate Screensavers Used in Malware Attacks
Malware writers turn to all kinds of techniques in order to trick people, infect their computers and reach their goal, no matter if we're talking about stealing some
data or just luring them on malicious websites.
common -
comments -
29.5.2008 Microsoft warns of new Word attacks
Microsoft has issued yet another security advisory in the wake of new attacks targeting Word.
microsoft -
comments -
10.7.2008 ActiveX Is Vulnerable to Attacks Even Without Vulnerabilities
Internet Explorer users are vulnerable to attacks targeting ActiveX, even when ActiveX is vulnerability-free, claims security company Symantec.
microsoft -
comments -
11.8.2008 Microsoft: Patch now or face attacks
Microsoft today shipped four bulletins with patches for at least 8 documented security vulnerabilities affecting Windows users and warned that “consistent exploit code could be easily crafted” to launch attacks via the Internet Explorer browser.
microsoft -
comments -
10.2.2009 IE users beware: Zero-day attacks
Malicious hackers are launching code execution exploits against new, unpatched vulnerability in the Microsoft Video ActiveX Control, the company warned in an advisory.
microsoft -
comments -
6.7.2009 Internet Explorer 7 Is an Open Door for Attacks
Internet Explorer 7 on Windows XP and Windows Server 2003 is nothing short of an open door for attacks. Microsoft informed that it is currently investigating a remote code execution vulnerability in various versions of XP and Windows Server 2003 running Internet Explorer 7.
microsoft -
comments -
15.10.2007 Microsoft confirms Windows-Word attacks
Microsoft Corp. yesterday warned of a critical vulnerability that affects users of Word running on Windows 2000, XP and Server 2003 SP1 -- several weeks after one security company first reported an exploit and a day after a second vendor confirmed ongoing attacks.
microsoft -
comments -
24.3.2008 How Microsoft fights off 100,000 attacks per month
Microsoft Corp. has long encouraged its employees to "RAS" into the corporate network from home or from the road to access e-mail, shared files and applications.
microsoft -
comments -
18.12.2006 Shrinking patch windows hit by automated attacks
The length of time between the development of security patches and the development of exploits targeting the security holes they address has been dropping for some time.
windows -
comments -
21.4.2008 Attacks on Mac OS X Exploded by 1,550% in 2007 – Just a 36% Growth for Windows
Windows is without a doubt the most attacked platform in the world. Microsoft's proprietary operating system attracts no less than 96.36% of the world's malicious code, according to malware statistics for 2007, released by Kaspersky.
common -
comments -
28.2.2008 Latest Vulnerability Attacks Steer Clear of Vista SP1, but Not XP SP3
The latest attacks targeting vulnerabilities in Microsoft's software products have steered clear of Windows Vista Service Pack 1.
windows -
comments -
24.3.2008 Microsoft SQL Server 2005 Mobile Edition Server Tools
Microsoft SQL Server 2005 Mobile Edition (SQL Server Mobile) is the compact database for rapidly developing applications in both native mode and the .NET Compact Framework that extend enterprise data management capabilities to devices.
microsoft -
comments -
26.11.2005 Microsoft Updates Its Windows Server Roadmap, Longhorn server delayed
Expect Longhorn Server Beta 3 in the first half of next year, but no Windows Server 'Centro' for mid-size businesses until 2008. And there might be a Windows Server Branch Office in the future, after all.
windows -
comments -
24.5.2006 Micrososoft drops major features in Windows Server Virtualization - Viridian, beta starts with Longhorn Server RTM
Microsoft does it again, promise great cool features and even demo them. They let us wait for months/years and then just drops the cool stuff for a "future release" Just like the Windows Server team did with R2 at the time.
windows -
comments -
11.5.2007 Longhorn Server to Be Named Windows Server 2007
ActiveWin are claiming that the final designation for Windows Codenamed Longhorn Server will be Windows Server 2007 after all, how original! Speculated here long before Vista hit RTM.
windows -
comments -
17.1.2007 Longhorn Server to be christened Windows Server 2008
To next to no one's surprise, Microsoft is going to christen Longhorn Server "Windows Server 2008." And it might do so as early as next week to coincide with the Windows Hardware Engineering Conference (WinHEC) in Los Angeles.
windows -
comments -
10.5.2007 New Windows Server 2008-Based Server Products Available
Windows Essential Server Solutions are basically designed as a bundle of SQL Server 2008, Exchange Server 2008 and Windows Server 2008, along with additional Microsoft technologies, set up as an all-in-one IT offering for small and midsize customers.
windows -
comments -
13.5.2008 An Introduction to Windows Server 2008 Server
Server is a new installation option that was introduced in Windows Server 2008. It provides the ability to install and configure a trimmed-down version of Windows Server 2008 which is designed to perform only certain server tasks.
download -
comments -
9.6.2009 Windows Server 2008 Is 45 Times Faster Than Windows Server 2003
Windows Server 2008, formerly codenamed Longhorn, is no leas than 45 times faster than its predecessor, Windows Server 2003, in terms of network transfer speeds.
windows -
comments -
22.11.2007 Windows 7 Server vs. Windows Server 2008 SP2 – Performance Comparison
It’s that time again! Microsoft traditionally doesn’t allow the benchmarking of its products as long as the software is still in development, but both the Windows 7 client and Windows Server 2008 R2 have been released to manufacturing on July 22nd, 2009.
windows -
comments -
18.8.2009Microsoft DNS Server Attacks Continue
In an advisory this morning
borrowing language used during
previous statements about
completely different exploits,
Microsoft's Security Response
Center team confirmed that it
has seen at least one ne..
betanews.com -
17.04.2007Microsoft DNS Server Attacks Continue
In an advisory this morning
borrowing language used during
previous statements about
completely different exploits,
Microsoft's Security Response
Center team confirmed that it
has seen at least one new wave
of attacks based on
proof-of-concept code
impacting its DNS server
software in Windows
Server-based systems...
betanews.com -
17.04.2007Apple's fix for major DNS security hole finally arrives
Nearly three weeks after Microsoft patched its Windows operating system to protect against attacks exploiting a flaw within the DNS system, Apple has
delivered its own fix...
betanews.com -
02.08.2008DNS Servers in Harm's Way
Sometimes it takes a DNS attack for an organization to get serious about the security of its Internet-facing DNS name servers. Many of these servers
today are still not properly secured or configured, security experts say, leaving them wide open for distributed denial-of-service (DDOS) and other
types of attacks.
"There are many organizations who are still in the dark about managing their external DNS," says David
Ulevitch, CEO of OpenDNS. "Just as people run firewalls and anti-spam systems, it's important for them to manage the DNS coming into, and leaving,
their network.
"Many organizations today manage their internal DNS, but leave their Internet-facing DNS wide open to abuse their
network and act as a vector for malicious activity," he says.
winbeta.org -
20.11.2007Windows Server 2008 DNS Block Feature
Windows Server 2008 introduces a DNS block feature that may affect the ISA Server automatic discovery when implementing the WPAD mechanism using a
Windows Server 2008 DNS Server.
The block feature provides a global query block list to reduce vulnerability associated with
dynamic DNS updates. Dynamic update makes it possible for DNS client computers to register and dynamically update their resource records with a DNS
server whenever a client changes its network address or host name. This reduces the need for manual administration of zone records, especially for
clients that frequently move or change locations and use DHCP to obtain an IP address. This convenience comes at a cost, however, because an
authorized client can register any unused host name, even a host name that might have special significance for certain applications. This can allow a
malicious user to "hijack" a special name and divert certain types of network traffic to that user's computer. WPAD is a commonly deployed protocol
vulnerable to this type of hijacking, and by default WPAD look up is disabled by the blocking mechanism.
winbeta.org -
19.02.2008DNS attack could signal Phishing 2.0
Researchers at Google and the Georgia Institute of Technology are studying a virtually undetectable form of attack that quietly controls where victims
go on the Internet.
The study, set to be published in February, takes a close look at śopen recursiveť DNS servers, which are
used to tell computers how to find each other on the Internet by translating domain names like google.com into numerical Internet Protocol addresses.
Criminals are using these servers in combination with new attack techniques to develop a new generation of phishing attacks.
The
researchers estimate that there are 17 million open-recursive DNS servers on the Internet, the vast majority of which give accurate information.
Unlike other DNS servers, open-recursive systems will answer all DNS lookup requests from any computer on the Internet, a feature that makes them
particularly useful for hackers.
winbeta.org -
12.12.2007Cybercrooks Exploiting New Windows DNS Flaw
Cybercrooks are using a
yet-to-be-patched security
flaw in certain Windows
versions to attack computers
running the operating systems,
Microsoft warned late
Thursday.
The attacks target Windows
2000 Server and Windows Server
2003 systems through a hole in
the domain name system, or
DNS, service, Microsoft said
in a security advisory. The
attacks happen by sending
rigged data to the service,
which by design is meant to
help map text-based Internet
addresses to numeric Internet
Protocol addresses.
"An anonymous
attacker could try to exploit
the vulnerability by sending a
specially crafted RPC packet
to an affected system,"
Microsoft said in the
advisory. RPC, or Remote
Procedure Call, is a protocol
that applications use to
request services from programs
on another computer in a
network. RPC has been involved
in several security bugs
before, including in the
vulnerability that let the
Blaster worm spread.
Click
Read More to view the
rest of this article.
jcxp.net -
14.04.2007Attack code released for new DNS attack
Hackers have released software that exploits a recently disclosed flaw in the Domain Name System (DNS) software used to route messages between
computers on the Internet. The attack code was released Wednesday by developers of the Metasploit hacking toolkit.
Internet security
experts warn that this code may give criminals a way to launch virtually undetectable phishing attacks against Internet users whose service providers
have not installed the latest DNS server patches. Attackers could also use the code to silently redirect users to fake software update servers in
order to install malicious software on their computers, said Zulfikar Ramizan, a technical director with security vendor Symantec. "What makes this
whole thing really scary is that from an end-user perspective they may not notice anything," he said.
neowin.net -
24.07.2008Microsoft: DNS Vulnerability Not in Vista or XP
Microsoft has denied that the
critical vulnerability
affecting RPC on Windows
Domain Name System Server is
also found in Windows Vista or
Windows XP Service Pack 2. The
Microsoft Security response
Center has tested this
vulnerability against the
complete range of current
Windows operating systems and
has concluded that the issue
is limited to Windows 2000
Server SP4, Windows Server
2003 SP1 and Windows Server
2003 SP2. Microsoft continued
to monitor the evolution of
the problem since the initial
report on April 12 and
confirmed that attacks are
still not widespread. The
Redmond Company has also made
available a new KB article
designed to lend a helping
hand to deploy DNS remote RPC
block workaround at an
enterprise level.
According to Christopher
Budd, MSRC Security Program
Manager, the DNS Server
Service vulnerability only
impacts the Windows server
operating systems: " We
know this because as part of
our Software Security Incident
Response Process (SSIRP) after
we identify a vulnerability
one of the first things we do
is to establish the scope of
affected software. We do this
looking at the source code for
the affected component in all
publicly supported versions of
the product. In the case of
this vulnerability, the code
with the vulnerability is in
the DNS server component. That
component isn't present in
Windows client operating
systems ." Additionally,
Budd pointed at May 8, as the
official date for a security
update to be released.
neowin.net -
24.04.2007Serious RPC Flaw Could Expose Microsoft DNS Servers to Remote Exploits
This morning, the US-CERT team
of the Department of Homeland
Security acknowledged
Microsoft's advisory this
morning, stating that it's
investigating instances where
Windows servers running the
DNS service can be tricked
into running any code remotely
in a local system context,
with the same privileges as
the DNS service itself...
betanews.com -
13.04.2007Questions about Web Server Attacks
Bill Sisk: There have been conflicting public reports describing a recent rash of web server attacks. I want to bring some clarification about the
reports and point you to the IIS blog for additional information.
To begin with, our investigation has shown that there are no
new or unknown vulnerabilities being exploited. This wave is not a result of a vulnerability in Internet Information Services or Microsoft SQL Server.
We have also determined that these attacks are in no way related to Microsoft Security Advisory (951306).
winbeta.org -
26.04.2008New DDoS attack based on deluge of dots
A technique for worsening the effects of a distributed denial-of-service-type attacks uses a feature in the DNS system that was once designed to be
helpful -- and patching it could involve reconfiguring millions of domain-name servers...
betanews.com -
11.02.2009Microsoft fixes nasty DNS server, Exchange flaws
Microsoft has released its May
set of security patches,
fixing critical bugs in Word,
Excel, Windows, Office,
Internet Explorer, Exchange
and the CAPICOM cryptography
technology used by BizTalk
Server.
Microsoft
rates all seven groups of the
updates as critical, but
security experts said that IT
administrators should be
particularly concerned with
the MS07-026 and MS07-029
updates, which fix flaws in
Exchange and the Windows DNS
server. The Exchange update
fixes previously undisclosed
flaws in Microsoft's
messaging software that could
be exploited to seize control
of the server. Hackers could
potentially install
unauthorized software on the
server simply by sending it a
maliciously crafted e-mail
message. Unlike the Exchange
bugs, the flaw in Windows'
DNS server flaw has been known
for about a month and
therefore attackers have
already developed code that
exploits the flaw. The problem
affects Windows 2000 and
Windows Server 2003 systems,
which can be tricked into
running unauthorized software
when an attacker sends them
maliciously encoded RPC
packets to the DNS server.
neowin.net -
09.05.2007Major fix to DNS vulnerability impacts Windows, Debian
A very serious flaw in the Internet's DNS servers may have been ripe for a significant exploit, though a familiar security researcher might have
sounded the alarm just in time. Now, Microsoft and Linux vendors are responding urgently...
betanews.com -
09.07.2008Microsoft: DNS patch to come by May 8... maybe
By May 8 Microsoft hopes to
fix a critical flaw in Windows
Domain Name System servers
reported last week that is
being exploited by online
criminals. Microsoft
characterizes the level of
attacks as " not
widespread ". Security
experts confirmed that
variants of the Rinbot worm
(also called Nirbot by some
vendors) had been scanning
networks for vulnerable
systems and then attempting to
exploit the DNS bug. The
problem only affects Windows
2000 and Windows Server 2003
systems, which can be tricked
into running unauthorized
software when an attacker
sends them maliciously encoded
Remote Procedure Call packets
to the DNS server.
Microsoft has published a
workaround for the problem,
and the software vendor is
weighing whether to step up
its response and fix it ahead
of May 8, the date of the
company's next scheduled
security update. " While we
don't have a firm estimate on
when we'll complete our
development and testing of
updates for this issue, we
have teams around the world
working on it twenty-four
hours a day, and hope to have
updates no later than May 8,
2007. However, this is a
developing situation and we
are constantly evaluating the
situation and the status of
our development and testing of
updates ," said Microsoft
security program manager
Christopher Budd.
neowin.net -
19.04.2007Site Downtime
You may have noticed from the
error message while trying to
navigate to JCXP on the 27th /
28th.
This was
due to DNS propagation taking
longer than expected, while
moving to a new server.
As you can see, the
site is now back up and
running (minus a few issues
that will be resolved later)
once again! We apologize for
any inconvenience this may
have caused.
JCXP Staff
jcxp.net -
30.01.2006Another DNS flaw?
Security researcher Dan Kaminsky made headlines last year when he discovered a
critical DNS flaw. If left unpatched it could
have crippled vast parts of the Internet.
As 2009 starts up, a new DNS (
define) flaw has emerged, but the severity
of the threat is less pronounced...
winbeta.org -
10.01.2009Windows DNS bug fix can impair firewalls, including ZoneAlarm
BetaNews has confirmed through its own testing this morning that a critical patch, released yesterday by Microsoft as part of a worldwide DNS bug fix
effort, can and does impact the functionality of software firewalls.
Multiple reports from users since yesterday afternoon have
complained of systems incapable of contacting the Internet after having implemented patch KB951748. This patch makes a major change to the way the
operating system handles DNS requests. Specifically, it implements a system that enables source port randomization -- a way to scramble the
address from which a request is placed -- as a security measure to thwart malicious users from being able to craft false DNS responses, and thus
"poison" the caches of DNS servers.
winbeta.org -
09.07.2008Apple skewered over missing DNS patch
Apple has come under fire for failing to patch the critical Domain Name System (DNS) flaw which prompted a (rest of) industry wide response earlier
this month.
For anyone just back from a trip up the Amazon, the discovery of a domain spoofing vulnerability by security researcher Dan
Kaminsky sparked a massive patching effort that began on 8 July. Dozens of vendors - including Microsoft, Cisco, Ubuntu and the Internet Systems
Consortium, which maintains BIND - released updates that mitigated against the risk of cache poisoning attacks, which stem from security shortcomings
in the protocol itself rather than coding errors.
neowin.net -
30.07.2008Microsoft's DNS Fix Leads to More Problems
The blogosphere is
awash with talk about the possible
overall weakness of the Domain Name System (DNS) architecture. For its part, Microsoft's released a DNS fix in its
patch slate for July, but Redmond seems to have problems just
getting it to end users. Moreover, some users of the DNS fix have experienced additional difficulties.
So far, since
Microsoft's DNS fix was issued on July 10, there have been two separate problems associated with its installation.
winbeta.org -
23.07.2008
