Microsoft: DNS Vulnerability Not in Vista or XP
Microsoft has denied that the critical vulnerability affecting RPC on Windows Domain Name System Server is also found in Windows Vista or Windows XP Service Pack 2.
windows -
comments -
24.4.2007 Windows Vista available on Microsoft Volume Licensing Site!
SA - Software Assurance. No ultimate edition yet!
windows -
comments -
15.11.2006 Windows Vista Patch for DNS client
Microsoft just released a Windows Vista Patch.
windows -
comments -
28.2.2007 Microsoft DNS Server Attacks Continue
In an advisory this morning borrowing language used during previous statements about completely different exploits, Microsoft's Security Response Center team confirmed that it has seen at least one new wave of attacks based on proof-of-concept code impacting its DNS server software in Windows Server-based systems.
windows -
comments -
17.4.2007 Microsoft is not trying to block access says Kaspersky
Microsoft's new operating system Vista will not make it more difficult for anti-virus systems to work, Russian computer security group and potential IPO candidate Kaspersky Lab said on Friday, contradicting rivals.
microsoft -
comments -
9.10.2006 Microsoft: ‘Very difficult’ to block IE attack vector
A member of Microsoft’s Internet Explorer team says it is “very difficult” to put protections in place to block the protocol handlers attack vector exposed by the recent IE-to-Firefox code execution vulnerability.
microsoft -
comments -
22.7.2007 Microsoft preps 133 patches for Windows DNS hole
Microsoft plans to have a fix for the recently disclosed Windows Domain Name System service flaw available by its May 8 patch day at the latest.
windows -
comments -
23.4.2007 Anti-Spam Sites Block Microsoft Hosted Exchange Services
Microsoft's Exchange hosted mail services, designed to help businesses combat spam, have themselves been blocked by several anti-spam blacklists around the Web, CRN has learned.
microsoft -
comments -
31.12.2006 Microsoft Security Advisory 935964: Vulnerability in RPC on Windows DNS Server Could Allow Remote Code Execution
Microsoft is investigating new public reports of a limited attack exploiting a vulnerability in the Domain Name System (DNS) Server Service in Microsoft Windows 2000 Server Service Pack 4, Windows Server 2003 Service Pack 1, and Windows Server 2003 Service Pack 2.
windows -
comments -
14.4.2007 Windows Service Pack Blocker Tool Kit - Block Vista SP2 Automatic Upgrades
Microsoft is offering Windows Vista SP1 users the chance to block automatic upgrades to Service Pack 2. In addition to making available Vista SP2 RTM as a standalone download, DVD ISO image, the bits are also released to Windows Update, and subsequently served to Vista SP1 users who have Automatic Updates enabled.
download -
comments -
3.7.2009 Windows Vista X Download Site
Complex download pack for Windows vista, MS office 2007, MS Messenger, Windows Media Player 11, Vista Tweaks, Direct X 9c .....
download -
comments -
13.5.2006 See Windows Vista site up and running
There is a new site online with more information on Windows Vista covering some very cool topics and there are some videos too.
windows -
comments -
1.6.2006 Ready for a new day? The new Microsoft site!
In just a few hours, the business launch of Windows Vista will take place at the NASDAQ headquarters.
microsoft -
comments -
30.11.2006 Vista Capable Site Description Unchanged
Microsoft says it has not changed wording at its Web site to more clearly explain "Windows Vista Capable" label for PCs.
windows -
comments -
11.4.2007 Microsoft rolls out tutorial site for new programmers
Microsoft Corporation has launched the Beginning Developer Learning Center Web Site, designed to help people with no programming experience learn to build Windows applications or Web sites using Visual Studio 2005.
microsoft -
comments -
4.3.2007 A New Microsoft Site Devoted to IT Pros -- Thrive
"Thrive" is a newly launched Microsoft initiative for IT Professionals.
microsoft -
comments -
13.2.2009 Microsoft open Vine beta site
The Microsoft Vine Beta connects you to the people and places you care about most, when it matters. Stay in touch with family and friends, be informed when someone needs help. Get involved to create great communities. Use alerts, reports and your personal dashboard to stay in touch, informed and involved.
microsoft -
comments -
28.4.2009 Cybercrooks exploiting new Windows DNS flaw
Cybercrooks are using a yet-to-be-patched security flaw in certain Windows versions to attack computers running the operating systems, Microsoft warned late Thursday.
windows -
comments -
13.4.2007 Two Unofficial IE Patches Block Attacks
eWeek reports that two well-respected Internet security companies (eEye and Determina) have released unofficial patches to correct the vulnerability being exploited to load spyware, bots and Trojan downloaders on Windows machines.
microsoft -
comments -
29.3.2006 MySpace to 'block sex offenders'
Social networking website MySpace says it will release tools to identify and ban US sex offenders from its service.
common -
comments -
7.12.2006 Windows Update Blocker Tool Kit - Block Automatic Windows Vista SP2 Update
After availability of Windows Vista Service Pack 2 for public download I am sure many users would have already installed Vista Service Pack 2 to see the performance improvements and its advisable to install Windows Vista sp2 as it has many noticeable changes and also includes all the fixes released after Vista sp1.
common -
comments -
27.5.2009 Windows 7 Gets Its Own Web Site
Microsoft has launched a new Web site that aims to build interest in its forthcoming Windows 7 operating system among developers and other IT professionals. TalkingAboutWindows.com, as the site is called, features numerous videos, blog posts, and Q&A's by the Microsoft engineers who helped develop Windows 7.
windows -
comments -
29.4.2009 Windows Live site updated
Windows Live Portal has been updated, although still in beta it is already in the top 500 most visited websites and still climbing.
windows -
comments -
28.2.2006 Windows Home Server Web Site
The Windows Home Server web site was updated today to a new look and feel, and over the next few weeks/months additional content, links and other great stuff will be added to the site.
windows -
comments -
13.9.2007 Office 2010 Beta Public Download Site URL Lives
The much anticipating Microsoft Office 2010 public beta is scheduled to be available anytime now, and it appears that Microsoft has ready the Office 2010 beta page, which has gone live with all kind of useful information for people interested in the beta of Office 2010.
download -
comments -
14.11.2009 Office 2010 Beta Public Download Site URL Lives
As was expected, Microsoft today on Day 2 of Professional Developers Conference (PDC09) has released Microsoft Office 2010 Beta to public via Microsoft Download Center.
download -
comments -
18.11.2009 Microsoft to Kill the Grace Timer and OEM BIOS Windows Vista Cracks with Vista SP1
With the advent of Windows Vista, cracks also became available being designed to bypass the activation process of the operating system.
windows -
comments -
4.12.2007 Microsoft Says Vista SP1 Needs to Speak the Same Language as Vista RTM
Microsoft says that Windows Vista Service Pack 1 needs to speak the same language as the RTM version of the latest Windows client. Otherwise there's no game.
windows -
comments -
2.4.2008 Vista SP1 – Microsoft Could Not Have Given Less – Vista SP2 Anyone?
Microsoft had the chance to position the first service pack for Windows Vista as a panacea for the operating system, giving the platform nothing less than a fresh start and another take at the Wow.
windows -
comments -
3.10.2007 Microsoft: Vista! Vista! Vista!
Microsoft has a single generalized answer to all life's problems, but especially end user protection, and that answer is of course Windows Vista.
windows -
comments -
14.8.2007Windows Server 2008 DNS Block Feature
Windows Server 2008 introduces a DNS block feature that may affect the ISA Server automatic discovery when implementing the WPAD mechanism using a
Windows Server 2008 DNS Server.
The block feature provides a global query block list to reduce vulnerability associated with
dynamic DNS updates. Dynamic update makes it possible for DNS client computers to register and dynamically update their resource records with a DNS
server whenever a client changes its network address or host name. This reduces the need for manual administration of zone records, especially for
clients that frequently move or change locations and use DHCP to obtain an IP address. This convenience comes at a cost, however, because an
authorized client can register any unused host name, even a host name that might have special significance for certain applications. This can allow a
malicious user to "hijack" a special name and divert certain types of network traffic to that user's computer. WPAD is a commonly deployed protocol
vulnerable to this type of hijacking, and by default WPAD look up is disabled by the blocking mechanism.
winbeta.org -
19.02.2008Details on DNS flaw inadvertently leaked; researcher says patch now
The cat is out of the bag before Black Hat. That isn't a passage from a Dr. Seuss children's book, but a description of what happened on Monday when
a Web site accidentally posted details about a DNS flaw uncovered by security researcher Dan Kaminsky earlier this month...
betanews.com -
23.07.2008Serious RPC Flaw Could Expose Microsoft DNS Servers to Remote Exploits
This morning, the US-CERT team
of the Department of Homeland
Security acknowledged
Microsoft's advisory this
morning, stating that it's
investigating instances where
Windows servers running the
DNS service can be tricked
into running any code remotely
in a local system context,
with the same privileges as
the DNS service itself...
betanews.com -
13.04.2007Site Downtime
You may have noticed from the
error message while trying to
navigate to JCXP on the 27th /
28th.
This was
due to DNS propagation taking
longer than expected, while
moving to a new server.
As you can see, the
site is now back up and
running (minus a few issues
that will be resolved later)
once again! We apologize for
any inconvenience this may
have caused.
JCXP Staff
jcxp.net -
30.01.2006Major fix to DNS vulnerability impacts Windows, Debian
A very serious flaw in the Internet's DNS servers may have been ripe for a significant exploit, though a familiar security researcher might have
sounded the alarm just in time. Now, Microsoft and Linux vendors are responding urgently...
betanews.com -
09.07.2008DNS Servers in Harm's Way
Sometimes it takes a DNS attack for an organization to get serious about the security of its Internet-facing DNS name servers. Many of these servers
today are still not properly secured or configured, security experts say, leaving them wide open for distributed denial-of-service (DDOS) and other
types of attacks.
"There are many organizations who are still in the dark about managing their external DNS," says David
Ulevitch, CEO of OpenDNS. "Just as people run firewalls and anti-spam systems, it's important for them to manage the DNS coming into, and leaving,
their network.
"Many organizations today manage their internal DNS, but leave their Internet-facing DNS wide open to abuse their
network and act as a vector for malicious activity," he says.
winbeta.org -
20.11.2007Microsoft: DNS Vulnerability Not in Vista or XP
Microsoft has denied that the
critical vulnerability
affecting RPC on Windows
Domain Name System Server is
also found in Windows Vista or
Windows XP Service Pack 2. The
Microsoft Security response
Center has tested this
vulnerability against the
complete range of current
Windows operating systems and
has concluded that the issue
is limited to Windows 2000
Server SP4, Windows Server
2003 SP1 and Windows Server
2003 SP2. Microsoft continued
to monitor the evolution of
the problem since the initial
report on April 12 and
confirmed that attacks are
still not widespread. The
Redmond Company has also made
available a new KB article
designed to lend a helping
hand to deploy DNS remote RPC
block workaround at an
enterprise level.
According to Christopher
Budd, MSRC Security Program
Manager, the DNS Server
Service vulnerability only
impacts the Windows server
operating systems: " We
know this because as part of
our Software Security Incident
Response Process (SSIRP) after
we identify a vulnerability
one of the first things we do
is to establish the scope of
affected software. We do this
looking at the source code for
the affected component in all
publicly supported versions of
the product. In the case of
this vulnerability, the code
with the vulnerability is in
the DNS server component. That
component isn't present in
Windows client operating
systems ." Additionally,
Budd pointed at May 8, as the
official date for a security
update to be released.
neowin.net -
24.04.2007BitTorrent site sues for IFPI compensation over block
The Pirate Bay has asked a Dutch court to order music industry group IFPI for monetary compensation for a block placed on it by ISP Tele2...
betanews.com -
17.04.2008Apple's fix for major DNS security hole finally arrives
Nearly three weeks after Microsoft patched its Windows operating system to protect against attacks exploiting a flaw within the DNS system, Apple has
delivered its own fix...
betanews.com -
02.08.2008Another DNS flaw?
Security researcher Dan Kaminsky made headlines last year when he discovered a
critical DNS flaw. If left unpatched it could
have crippled vast parts of the Internet.
As 2009 starts up, a new DNS (
define) flaw has emerged, but the severity
of the threat is less pronounced...
winbeta.org -
10.01.2009Windows DNS bug fix can impair firewalls, including ZoneAlarm
BetaNews has confirmed through its own testing this morning that a critical patch, released yesterday by Microsoft as part of a worldwide DNS bug fix
effort, can and does impact the functionality of software firewalls.
Multiple reports from users since yesterday afternoon have
complained of systems incapable of contacting the Internet after having implemented patch KB951748. This patch makes a major change to the way the
operating system handles DNS requests. Specifically, it implements a system that enables source port randomization -- a way to scramble the
address from which a request is placed -- as a security measure to thwart malicious users from being able to craft false DNS responses, and thus
"poison" the caches of DNS servers.
winbeta.org -
09.07.2008Microsoft DNS Server Attacks Continue
In an advisory this morning
borrowing language used during
previous statements about
completely different exploits,
Microsoft's Security Response
Center team confirmed that it
has seen at least one new wave
of attacks based on
proof-of-concept code
impacting its DNS server
software in Windows
Server-based systems...
betanews.com -
17.04.2007CheckPoint issues fix for ZoneAlarm problem after DNS patch
BetaNews has confirmed through testing that CheckPoint's latest build of ZoneAlarm, issued yesterday in response to a problem arising from a
Microsoft patch to a major DNS security problem, fixes a major problem with Internet access...
betanews.com -
11.07.2008Microsoft Downplaying Recent DNS Vulnerability
Microsoft
downplays a recent DNS vulnerability in all Microsoft operating systems (XP,
Vista, 2000, and 2003), claims Amit Klein, the security researcher who published the
original vulnerability description (PDF) earlier this
month.
According to Klein,
the description in Microsoft's
Secure Windows Initiative blog entry is misleading, contains disinformation about the DNS transaction ID algorithm, and downplays the severity of the
issue. Klein refutes Microsoft's claim that there is no way to reproduce the next transaction ID, given a series of observed transaction IDs. He
shows that this is possible in his paper, which Microsoft had before publishing the SWI post, as well as on the series of data provided in the SWI
blog itself.
winbeta.org -
29.04.2008Microsoft's DNS Fix Leads to More Problems
The blogosphere is
awash with talk about the possible
overall weakness of the Domain Name System (DNS) architecture. For its part, Microsoft's released a DNS fix in its
patch slate for July, but Redmond seems to have problems just
getting it to end users. Moreover, some users of the DNS fix have experienced additional difficulties.
So far, since
Microsoft's DNS fix was issued on July 10, there have been two separate problems associated with its installation.
winbeta.org -
23.07.2008DNS Flaw: Don't Panic, Just Patch
Organizations should move quickly to patch vulnerable DNS servers against a flaw revealed last week.
Despite the fact that few
people know all the technical details of the bug affecting domain name servers that security researcher
Dan Kaminsky reported last week, there
are no shortage of opinions on it.
winbeta.org -
15.07.2008Verizon Tries Out DNS Redirection Service, But Will It Charge?
Last week, customers of
Verizon's ISPs in Illinois,
Indiana, Michigan, and
Wisconsin learned of an
interesting alteration to
their Internet service: The
company is experimenting with
what it's calling an
"Advanced Web Search"
page, which its DNS servers
will distribute in response to
non-resolvable or perhaps
malformed URLs...
betanews.com -
22.06.2007DNS Exploit Used to Plant Backdoor on Windows Servers
Security engineers are
confirming that customers
whose Windows servers were
confirmed penetrated by a
version of the recent DNS
service exploit, were infected
by any of three variants of
backdoor worms identified by
Sophos as W32/Delbot...
betanews.com -
19.04.2007Security lab warns of possible Chinese ISP DNS exploit
An apparent case of DNS poisoning in the caches of a major China-based ISP is causing extra concern today, in light of security engineer Dan
Kaminsky's recent warnings about just how serious a cache poisoning exploit could become...
betanews.com -
23.08.2008DNS celebrates 25th birthday
The internet's Domain Name System is 25 years old this week. Paul Mockapetris, chairman and chief scientist at Nominum, is credited with inventing
the DNS in 1983. Mockapetris shared his thoughts on the technology during a ceremony at the Oxford Internet Institute, discussing how it came to be,
its impact on the internet and where it is headed.
What started as a small project that few thought would be such an important aspect of
communication, the DNS is now part of the internet's underlying infrastructure and provided an alternative to typing numerical IP addresses for
every domain name.
neowin.net -
30.01.2008
