ITS Homepage Click here for text version of ITS homepage University at AlbanyUAlbany Site IndexUAlbany Search
alerts_tag
Vulnerability in Microsoft DNS Service



ALARM Group ALERT - click for a description of ALARM, The Computing Alert System
Alert Number:  041307-01
Alert Date:  04/13/07
Alert Title:  Vulnerability in Microsoft DNS Service
Update-to:   None
OS/Platform/Application:  
Microsoft Windows 2000 Server Service Pack 4 Running DNS SERVER SERVICE
Microsoft Windows Server 2003 Service Packs 1 and 2 Running DNS SERVER SERVICE
Category:  ALERT
Severity: MEDIUM
Attention:  Windows system Administrators

Summary:  Various Internet security-related agencies are reporting the existence (and current active exploitation) of a vulnerability in the Domain Name System (DNS) Server Service on Microsoft Windows 2000 Server and Windows Server 2003.  Other Microsoft operating systems are not vulnerable, nor are 2000 and 2003 Server systems that are not running the DNS Server Service.  The vector of exploit for this vulnerability would be a remote procedure call (RPC) packet sent from an attacking system.  Successful exploitation of this vulnerability could result in execution of arbitrary code.  At the time of this writing (10:40 AM 4/13/07) attacks/exploit attempts are reportedly small in quantity and apparently directed in nature.  Microsoft has issued security advisory 935964 to describe the vulnerability and offer a workaround strategy to secure vulnerable systems until an official patch is released.

Recommended Actions:   Windows Server 2000 and 2003 System Administrators/users are encouraged to read the security advisory and associated information (links provided below) and to consider following the recommendations made by the vendor.  Please note that (at this time) the vulnerability only affects 2000 and 2003 servers that are running the Domain Name System (DNS) Server Service.

ITS Actions:  ITS Systems Management and Operations Staff will apply all necessary patches/workarounds to the appropriate ITS servers as part of the next scheduled system update.

Resources:

Microsoft Security Advisory 935964:
http://www.microsoft.com/technet/security/advisory/935964.mspx

Microsoft Security Response Center Blog Entry:
http://blogs.technet.com/msrc/archive/2007/04/12/microsoft-security-advisory-935964-posted.aspx

Secunia Advisory:
http://secunia.com/advisories/24871/

FrSIRT Advisory:
http://www.frsirt.com/english/advisories/2007/1366

SecurityFocus information:
http://www.securityfocus.com/bid/23470/info
 

BLANKABCDEFGHIJKLMBLANK
BLANKNOPQRSTUVWXYZBLANK
CHOOSE FROM the ITS Site Index

GO TO an ITS Group

Information Technology Services
University at Albany, SUNY
1400 Washington Avenue
Albany, NY 12222
ITS Service Centers:  518-442-4000
  		University at Albany Home Page
Contact UAlbany | Directories | Calendars | Visitors | Site Index | Search
Admissions | Academics | Research | IT Services | Libraries | Athletics
Internet Privacy Policy              IT Policies