Microsoft DNS Server Zero-Day

Updated: 29 Jun 2009
Vikram Thakur

Right on the heels of Microsoft releasing its slew of patches, another vulnerability has been disclosed. Microsoft didn't delay getting into action, releasing an advisory for it almost immediately. This time, the vulnerability lies within the Domain Name System (DNS) Server Service, affecting the server line of Microsoft's operating systems. The vulnerability allows the attacker to run code remotely in the security context of the DNS Server Service, which by default is SYSTEM.

Symantec Security Response has analyzed a sample of the proof-of-concept code and has released Bloodhound.Exploit.136 signatures to detect threats that utilize this vulnerability. This detection is available starting with Rapid Release virus definitions version 04/13/2007 rev. 53.

At this point, we have not seen this vulnerability being actively exploited, but have received reports of exploitation via other organizations. Since Microsoft has not yet released a fix for this issue, we urge customers to update their security products. We also ask administrators of networks and DNS servers to apply the mitigation solutions provided by Microsoft in its advisory.

For more information, see the SecurityFocus advisory, Microsoft Windows Domain Name Server Service Remote Procedure Call Interface Vulnerability (BID 23470).