Microsoft Security Advisory 935964: Additional Updates ~ Security Garden

Tuesday, April 17, 2007

Microsoft Security Advisory 935964: Additional Updates

The Microsoft Security Response Team is working around the clock to provide a solution to the vulnerability in RPC on Windows DNS Servers which could allow remote code execution, relating to the following:

Microsoft Windows 2000 Server Service Pack 4
Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 Service Pack 2
Microsoft Windows Small Business Server 2000*
Microsoft Windows Small Business Server 2003*

*The listed SBS run the DNS Server Service by default and are also affected by this vulnerability.

Windows 2000 Professional Service Pack 4, Windows XP Service Pack 2, and Windows Vista are not affected as they do not contain the vulnerable code.

Please note, in particular, that new information about the impact of some of the workarounds on systems with 15 character, or longer, system names has been added to the Security Advisory. In addition, Microsoft staff have noted that it is possible for a user with valid logon credentials to access the vulnerability over port 445.

See the workaround in the below-referenced Security Advisory and Jesper's Blog post, Turn off RPC management of DNS on all DCs for instructions for disabling RPC management on DNS on a large number of DCs or DNS servers.

References:

Welcome to the Security Garden, where everything is coming up roses.

The best way to protect your garden is to fence it in. The same applies to your computer.
Get computer security news and information, help, tips and more at the Security Garden.

Articles

My Garden Roots

Perennial Favorites

Article Categories

Tuesday, April 17, 2007