Microsoft DNS Server Attacks Continue
In an advisory this morning borrowing language used during previous statements about completely different exploits, Microsoft's Security Response Center team confirmed that it has seen at least one new wave of attacks based on proof-of-concept code impacting its DNS server software in Windows Server-based systems.
windows -
comments -
17.4.2007 Microsoft: DNS Vulnerability Not in Vista or XP
Microsoft has denied that the critical vulnerability affecting RPC on Windows Domain Name System Server is also found in Windows Vista or Windows XP Service Pack 2.
windows -
comments -
24.4.2007 Microsoft preps 133 patches for Windows DNS hole
Microsoft plans to have a fix for the recently disclosed Windows Domain Name System service flaw available by its May 8 patch day at the latest.
windows -
comments -
23.4.2007 Microsoft Security Advisory 935964: Vulnerability in RPC on Windows DNS Server Could Allow Remote Code Execution
Microsoft is investigating new public reports of a limited attack exploiting a vulnerability in the Domain Name System (DNS) Server Service in Microsoft Windows 2000 Server Service Pack 4, Windows Server 2003 Service Pack 1, and Windows Server 2003 Service Pack 2.
windows -
comments -
14.4.2007 Windows Vista Patch for DNS client
Microsoft just released a Windows Vista Patch.
windows -
comments -
28.2.2007 Cybercrooks exploiting new Windows DNS flaw
Cybercrooks are using a yet-to-be-patched security flaw in certain Windows versions to attack computers running the operating systems, Microsoft warned late Thursday.
windows -
comments -
13.4.2007 Windows 7 Hack Brings Build 6801 Closer to Build 6956
Microsoft ensured that the Windows 7 development milestone delivered at the Professional Developers Conference 2008 and the Windows Hardware Engineering Conference 2008 delivered less than what it showcased at the two events.
windows -
comments -
10.12.2008 Windows 7 Build 7012 Screenshots Emerged and Build 7013 Details
We all are waiting for Windows 7 Beta 1 build 7000 to get release but it seems some one out their already have access to Windows 7 Build 7012.
windows -
comments -
4.1.2009 Windows 7 Service Pack 1 Build 7138 Screenshots and Build Details
Yesterday we had posted about Microsoft Windows 7 Service Pack 1 under development as reported by wzor.info. This news itself is enough to generate buzz for Windows 7 as it never happened in past where MS has started working on Service pack before releasing final product.
windows -
comments -
30.5.2009 Windows 7 RC2 Build 7224 Videos & Build 7200 Screenshots
Lately we have seen many rumors spreading about Windows 7 Release candidate 2. Previously it was rumored that Microsoft had no planning of having Windows 7 RC 2 and may directly come up with Windows 7 RTM.
windows -
comments -
1.6.2009 Windows Mobile 6.5 Build 23060 and Build 23420
Two fresh new builds from 230XX and 234XX branch of Windows Mobile 6.5 are out, courtesy Da_G of XDA-Developers.com.
windows -
comments -
30.9.2009 Windows 7 M1 Build 6519 vs. Windows 7 M3 Pre-Beta Build 6801
Moving from Windows XP onward to Windows Vista, Microsoft completely overhauled the installation process of the Windows client.
windows -
comments -
9.11.2008 Microsoft releases new build of Vista
On Monday, Microsoft released a new build of Windows Vista, the successor to the aging Windows XP, to technical beta testers, TAP customers, and MSDN subscribers.
windows -
comments -
17.7.2006 Microsoft: Build Your Own Home Server
Microsoft this week released a beta software development kit for Windows Home Server, the company's newest operating system version for connecting multiple PCs and digital devices in a home.
microsoft -
comments -
8.4.2007 Microsoft Releases Vista build 5247 to Testers
An official Microsoft employee blog today revealed that Windows Vista build 5247 is currently in testing internally. Kevin Remde, a TechNet and MS Blogger, admitted today on his blog just in a passing comment that his build was 5247.
windows -
comments -
Microsoft Ships Vista build 5381.1 to Testers
Microsoft has issued 32-bit and 64-bit versions of Windows Vista build 5381.1, which is a preview of the Beta 2 version of Vista the company intends to ship later this month to millions of users worldwide.
windows -
comments -
7.5.2006 Microsoft To Release New Windows Vista Build This Week
Microsoft this week plans another Vista beta 2 drop that is promised to hog fewer system resources.
windows -
comments -
13.7.2006 Microsoft Windows Vista Build 5506 screenshot
Microsoft is poised to release a new pre-RC1 test build of Windows Vista any day now to a select group of testers. The latest builds include links to Windows Live Messenger, Toolbar, OneCare and Desktop Mail.
windows -
comments -
16.8.2006 Microsoft to Ship Interim Windows Vista Build to Testers
I have just recieved news that Vista will have a 'refresh build' to the technical testers and coporate customers. This version will have a different set of product keys. And the build number currently is 5324(Expect it to be around this figure when launched to MSDN Subscribers).
windows -
comments -
18.3.2006 Microsoft Ends Week of Delays With a New Vista Test Build
It's not the next Community Technology Preview build, slated to go to two million testers. But Microsoft is releasing Friday to selected testers a brand-new build of Vista on which testers are counting for more stability.
windows -
comments -
26.3.2006 Microsoft Releases Windows Vista Build 5456.5 to testers
Windows Vista Beta 2 English builds for x86 and x64. This package contains Ultimate, Home Basic, Home Premium, and Business binaries.
windows -
comments -
26.6.2006 Microsoft Windows Vista 32Bit Build 5456 download
Windows Vista build 5456 English builds for x86 and x64. This package contains Ultimate, Home Basic, Home Premium, and Business binaries.
download -
comments -
27.6.2006 Microsoft roots out Windows Home Server leak + New Build
Microsoft said late yesterday it had identified the person who had leaked the still-in-beta Windows Home Server to the Web. According to both the company and messages from the site where the beta was once posted, however, earlier reports that the leaker was a Microsoft MVP were incorrect.
windows -
comments -
19.4.2007 Microsoft: Public Build of Windows Vista SP1 RC Soon
Microsoft is currently cooking the first public build of Windows Vista Service Pack 1 Release Candidate.
windows -
comments -
4.12.2007 Microsoft: 5573 Does Not Imply a Specific XP SP3 Build
Microsoft is not saying much at all about the third and final service pack for Windows XP, and whatever information does manage to get through the translucent filters implemented by Steven Sinofsky, Senior Vice President, Windows and Windows Live Engineering Group,
presents little relevance.
common -
comments -
Microsoft Windows 7 Build 6801 DVD 32-Bit
Windows 7 is designed to make everyday tasks faster and easier, and make new things possible for end users.
download -
comments -
31.10.2008 Microsoft to RTM Windows 7 this week? Build 7260 leaks
Earlier today Neowin reported that Windows 7 build 7232 had leaked. What a difference a few more hours makes, now 7260 has leaked and the Russian site Wzor claims that Microsoft will build the RTM (release to manufacturing) build between June 15-19.
windows -
comments -
16.6.2009 Microsoft Windows Vista Build 5456 Overview and Screenshot Gallery
Little more than a month after issuing a bug-laden Windows Vista Beta 2, Microsoft has shipped its first post-Beta 2 interim build of the next Windows and it makes up a lot of lost ground. Indeed, it's hard not to view this build and not believe that Microsoft is absolutely back on track.
windows -
comments -
26.6.2006 Microsoft releases Vista Pre-RC1 (build 5536) to the public
Microsoft has quietly released build 5536 for the first 100,000 people to download it from their Windows Vista site.
windows -
comments -
29.8.2006 Accenture, Avanade and Microsoft to Build Integrated Broadcast System for MediaCorp
Accenture and Avanade team up to develop multitier service-oriented architecture system featuring Microsoft Connected Services Framework.
Accenture, Avanade and Microsoft Corp. today announced that they have been selected to design and build an integrated broadcast system to support MediaCorp Pte Ltd., Singapore?s largest broadcaster and a leading media company in Asia.
microsoft -
comments -
19.4.2006CheckPoint issues fix for ZoneAlarm problem after DNS patch
BetaNews has confirmed through testing that CheckPoint's latest build of ZoneAlarm, issued yesterday in response to a problem arising from a
Microsoft patch to a major DNS security problem, fixes a major problem with Internet access...
betanews.com -
11.07.2008Serious RPC Flaw Could Expose Microsoft DNS Servers to Remote Exploits
This morning, the US-CERT team
of the Department of Homeland
Security acknowledged
Microsoft's advisory this
morning, stating that it's
investigating instances where
Windows servers running the
DNS service can be tricked
into running any code remotely
in a local system context,
with the same privileges as
the DNS service itself...
betanews.com -
13.04.2007Major fix to DNS vulnerability impacts Windows, Debian
A very serious flaw in the Internet's DNS servers may have been ripe for a significant exploit, though a familiar security researcher might have
sounded the alarm just in time. Now, Microsoft and Linux vendors are responding urgently...
betanews.com -
09.07.2008DNS Servers in Harm's Way
Sometimes it takes a DNS attack for an organization to get serious about the security of its Internet-facing DNS name servers. Many of these servers
today are still not properly secured or configured, security experts say, leaving them wide open for distributed denial-of-service (DDOS) and other
types of attacks.
"There are many organizations who are still in the dark about managing their external DNS," says David
Ulevitch, CEO of OpenDNS. "Just as people run firewalls and anti-spam systems, it's important for them to manage the DNS coming into, and leaving,
their network.
"Many organizations today manage their internal DNS, but leave their Internet-facing DNS wide open to abuse their
network and act as a vector for malicious activity," he says.
winbeta.org -
20.11.2007Apple's fix for major DNS security hole finally arrives
Nearly three weeks after Microsoft patched its Windows operating system to protect against attacks exploiting a flaw within the DNS system, Apple has
delivered its own fix...
betanews.com -
02.08.2008Another DNS flaw?
Security researcher Dan Kaminsky made headlines last year when he discovered a
critical DNS flaw. If left unpatched it could
have crippled vast parts of the Internet.
As 2009 starts up, a new DNS (
define) flaw has emerged, but the severity
of the threat is less pronounced...
winbeta.org -
10.01.2009Windows DNS bug fix can impair firewalls, including ZoneAlarm
BetaNews has confirmed through its own testing this morning that a critical patch, released yesterday by Microsoft as part of a worldwide DNS bug fix
effort, can and does impact the functionality of software firewalls.
Multiple reports from users since yesterday afternoon have
complained of systems incapable of contacting the Internet after having implemented patch KB951748. This patch makes a major change to the way the
operating system handles DNS requests. Specifically, it implements a system that enables source port randomization -- a way to scramble the
address from which a request is placed -- as a security measure to thwart malicious users from being able to craft false DNS responses, and thus
"poison" the caches of DNS servers.
winbeta.org -
09.07.2008Microsoft DNS Server Attacks Continue
In an advisory this morning
borrowing language used during
previous statements about
completely different exploits,
Microsoft's Security Response
Center team confirmed that it
has seen at least one new wave
of attacks based on
proof-of-concept code
impacting its DNS server
software in Windows
Server-based systems...
betanews.com -
17.04.2007Microsoft's DNS Fix Leads to More Problems
The blogosphere is
awash with talk about the possible
overall weakness of the Domain Name System (DNS) architecture. For its part, Microsoft's released a DNS fix in its
patch slate for July, but Redmond seems to have problems just
getting it to end users. Moreover, some users of the DNS fix have experienced additional difficulties.
So far, since
Microsoft's DNS fix was issued on July 10, there have been two separate problems associated with its installation.
winbeta.org -
23.07.2008DNS Flaw: Don't Panic, Just Patch
Organizations should move quickly to patch vulnerable DNS servers against a flaw revealed last week.
Despite the fact that few
people know all the technical details of the bug affecting domain name servers that security researcher
Dan Kaminsky reported last week, there
are no shortage of opinions on it.
winbeta.org -
15.07.2008Verizon Tries Out DNS Redirection Service, But Will It Charge?
Last week, customers of
Verizon's ISPs in Illinois,
Indiana, Michigan, and
Wisconsin learned of an
interesting alteration to
their Internet service: The
company is experimenting with
what it's calling an
"Advanced Web Search"
page, which its DNS servers
will distribute in response to
non-resolvable or perhaps
malformed URLs...
betanews.com -
22.06.2007DNS Exploit Used to Plant Backdoor on Windows Servers
Security engineers are
confirming that customers
whose Windows servers were
confirmed penetrated by a
version of the recent DNS
service exploit, were infected
by any of three variants of
backdoor worms identified by
Sophos as W32/Delbot...
betanews.com -
19.04.2007Details on DNS flaw inadvertently leaked; researcher says patch now
The cat is out of the bag before Black Hat. That isn't a passage from a Dr. Seuss children's book, but a description of what happened on Monday when
a Web site accidentally posted details about a DNS flaw uncovered by security researcher Dan Kaminsky earlier this month...
betanews.com -
23.07.2008Security lab warns of possible Chinese ISP DNS exploit
An apparent case of DNS poisoning in the caches of a major China-based ISP is causing extra concern today, in light of security engineer Dan
Kaminsky's recent warnings about just how serious a cache poisoning exploit could become...
betanews.com -
23.08.2008Windows Server 2008 DNS Block Feature
Windows Server 2008 introduces a DNS block feature that may affect the ISA Server automatic discovery when implementing the WPAD mechanism using a
Windows Server 2008 DNS Server.
The block feature provides a global query block list to reduce vulnerability associated with
dynamic DNS updates. Dynamic update makes it possible for DNS client computers to register and dynamically update their resource records with a DNS
server whenever a client changes its network address or host name. This reduces the need for manual administration of zone records, especially for
clients that frequently move or change locations and use DHCP to obtain an IP address. This convenience comes at a cost, however, because an
authorized client can register any unused host name, even a host name that might have special significance for certain applications. This can allow a
malicious user to "hijack" a special name and divert certain types of network traffic to that user's computer. WPAD is a commonly deployed protocol
vulnerable to this type of hijacking, and by default WPAD look up is disabled by the blocking mechanism.
winbeta.org -
19.02.2008DNS celebrates 25th birthday
The internet's Domain Name System is 25 years old this week. Paul Mockapetris, chairman and chief scientist at Nominum, is credited with inventing
the DNS in 1983. Mockapetris shared his thoughts on the technology during a ceremony at the Oxford Internet Institute, discussing how it came to be,
its impact on the internet and where it is headed.
What started as a small project that few thought would be such an important aspect of
communication, the DNS is now part of the internet's underlying infrastructure and provided an alternative to typing numerical IP addresses for
every domain name.
neowin.net -
30.01.2008DNS attack could signal Phishing 2.0
Researchers at Google and the Georgia Institute of Technology are studying a virtually undetectable form of attack that quietly controls where victims
go on the Internet.
The study, set to be published in February, takes a close look at open recursive DNS servers, which are
used to tell computers how to find each other on the Internet by translating domain names like google.com into numerical Internet Protocol addresses.
Criminals are using these servers in combination with new attack techniques to develop a new generation of phishing attacks.
The
researchers estimate that there are 17 million open-recursive DNS servers on the Internet, the vast majority of which give accurate information.
Unlike other DNS servers, open-recursive systems will answer all DNS lookup requests from any computer on the Internet, a feature that makes them
particularly useful for hackers.
winbeta.org -
12.12.2007DNS flaw is so big it puts every network at risk
A recently found flaw in the internet's addressing system is worse than first feared, so Dan Kaminsky said when speaking publicly about his
discovery at the Black Hat conference in Las Vegas.
He said fixes for the flaw in the net's Domain Name System (DNS) had focused on web
browsers but it could be abused by hackers in many other ways.
"Every network is at risk," he said. "That's what this flaw has
shown."
DNS is the internet's address book and helps computers translate the website names people prefer so www.neowin.net gets
translated to its real address of 209.124.63.212
Read full story.....
neowin.net -
07.08.2008Internet DNS to Receive 3-Year, $100mn Overhaul
In preparation for the
capacity of the entire
Internet to double to 1.8
billion users in just three
years' time, VeriSign --
which manages the registry for
the .com and .net top-level
domain names, as well as the
root servers for the entire
domain name system --
announced this morning it will
commit three years' worth of
humanpower and $100 million in
resources to the overhaul and
expansion of DNS...
betanews.com -
09.02.2007Microsoft Downplaying Recent DNS Vulnerability
Microsoft
downplays a recent DNS vulnerability in all Microsoft operating systems (XP,
Vista, 2000, and 2003), claims Amit Klein, the security researcher who published the
original vulnerability description (PDF) earlier this
month.
According to Klein,
the description in Microsoft's
Secure Windows Initiative blog entry is misleading, contains disinformation about the DNS transaction ID algorithm, and downplays the severity of the
issue. Klein refutes Microsoft's claim that there is no way to reproduce the next transaction ID, given a series of observed transaction IDs. He
shows that this is possible in his paper, which Microsoft had before publishing the SWI post, as well as on the series of data provided in the SWI
blog itself.
winbeta.org -
29.04.2008
