Synchronised, Multi-vendor DNS Patches Released
News However, Microsoft in its security bulletin said its patch uses highly random DNS transaction IDs, random sockets for UDP (User Datagram Protocol) queries, and updates the logic used to manage the DNS cache.
[July 9, 2008, 8:21]
Microsoft Issues Patch Tuesday DNS Fix
News The updates linked to in Tuesday's bulletins include a patch for a potentially serious underlying DNS flaw. The spoofing vulnerability exists in Windows DNS clients and Windows DNS servers, and could allow an attacker to "quickly and reliably spoof...
[July 9, 2008, 13:28]
Tackling Microsoft's August Patches: Part 2
News In addition, an attacker can only exploit the buffer overrun vulnerability on a subnet between the host and the DNS server. Workarounds include blocking DNS record types ATMA, TXT, X25, HINFO, and ISDN DNS at network gateways.
[August 22, 2006, 13:10]
ZoneAlarm Updated After Microsoft DNS Patch
News Since Tuesday, ZoneAlarm customers have complained that access to the internet was denied after installing MS08-037, a patch designed by Microsoft to fix a vulnerability in both the client and server Domain Name System (DNS) packages within Windows.
[July 11, 2008, 8:50]
Microsoft Plans Fix For DNS Vulnerability
News Microsoft's updates will include a patch for a vulnerability in the Windows domain name system, or DNS. Shortly after it released the fixes, several new Office zero-day bugs and the Windows DNS bug hit.
[May 4, 2007, 8:35]
Microsoft Fixes 'critical' Flaws In New Programs
News This includes an expected patch for a flaw in the Windows domain name system, or DNS. The company published seven security bulletins as part of its monthly patch cycle. Exchange is flawed in a way that could allow a system running the email server...
[May 9, 2007, 9:56]
The Man Who Transformed Internet Security
Comment It would do so silently, evading most anti-phishing technology because the change would be made, not at the desktop level, but at the DNS server itself. The flaw Kaminsky discovered could allow criminal hackers to guess the transaction ID of any...
[July 16, 2008, 15:19]
Attackers Target Windows DNS Flaw
News The attacks target Windows 2000 Server and Windows Server 2003 systems through a hole in the Domain Name System (DNS) service, Microsoft said in a security advisory. The French Security Incident Response Team deems the Windows DNS vulnerability...
[April 13, 2007, 9:13]
Cisco Sounds Multiple Security Warnings
News The vulnerability was associated with Cisco IP phones running the DNS protocol. DNS handles the translation of domain names into IP addresses. DNS servers are located throughout the Internet to perform this translation and to ensure that IP packets...
[July 15, 2005, 9:40]
Networks Crippled By Worms' Onslaught
News The ISP said it saw a dramatic increase in the number of mail-record lookups processed by its domain name system (DNS) root server in the past 24 hours. Every time the mini-mail server sends off a copy of the virus, it looks up data from the DNS...
[August 22, 2003, 8:45]
'Patch Tuesday' Proves Busy For Microsoft
News However, an attacker has to be on the same subnetwork as the intended target or must trick the user into making a DNS request to a malicious server, Microsoft said in bulletin MS06-041. Another of this month's flaws that could be exploited without...
[August 9, 2006, 8:45]
BIND Bug Opens Domain Name Servers To Attack
News The exploit allows a hacker to send a DNS packet designed to trigger an internal consistency check and shut down the server. CERT, an Internet security advisory service, on Tuesday warned that the flaw affects Domain Name System (DNS) servers...
[June 5, 2002, 15:11]
Tuesday
Blog SQL Slammer hits the Net, triggers faults in Cisco routers, DNS falls off the edge of the world, ATMs clam up and servers break down. It gets worse: the code that's exploited might be in SQL Server 2000 -- which people know to patch, even if MS has...
[January 31, 2003, 16:40]
