Network News

X My Profile
View More Activity

Microsoft Warns of Attacks on Web Service Flaw

Attackers are actively exploiting a newly reported flaw in Microsoft's software that is allowing them to break into vulnerable systems, the software giant warned Thursday.

The vulnerability applies to Windows 2000 Server and Windows Server 2003 running the DNS Server Service. According to Microsoft, the flaw does not affect fully patched versions of Windows 2000, Windows XP or Windows Vista. Microsoft said it has seen "limited" attacks against this flaw, which appears to initially have been sighted on Apr. 7 in an attack on an educational institution.

The company's Redmond, Wash., headquarters says it is working "around the clock" to come up with a patch to plug the hole, but in the meantime affected customers should consider implementing the tweaks documented in the "suggested actions" of its security advisory.

Update, 1:16 p.m.: As a number of people have already noted, it is not necessary for Windows 2000 Server and Windows 2003 Server users to be running a Web site for this to be a security threat. The vulnerability is with the DNS Name Service, and specifically could be a problem for users of the aforementioned systems if they allow remote management of their DNS servers. The above text has been modified.

By Brian Krebs  |  April 13, 2007; 1:30 PM ET
Categories:  Latest Warnings , Safety Tips  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   StumbleUpon   Technorati   Google Buzz   Previous: Uncle Sam Earns "C-Minus" in Computer Security
Next: Tax Time Means Fraud Time

No comments have been posted to this entry.

The comments to this entry are closed.

RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company