PatchLink issues workaround for Windows DNS Server flaw


PatchLink issues workaround for Windows DNS Server flaw

Antony Savvas

Security firm PatchLink has issued an emergency workaround to identify the Domain Name System (DNS) Server Service vulnerability in Windows Server platforms, and enable users to temporarily defend themselves against exploits in the wild.

PatchLink’s automated DNS Zero-Day Remediation patch enables customers to identify if they are vulnerable, determine where the impacted DNS servers are located, and block known attack vectors to mitigate risks to their IT environment. 

Microsoft issued a security advisory last week about targeted attacks exploiting a vulnerability in the Windows DNS Server, and on Monday, announced that a worm appeared on the internet using the flaw.

The DNS Zero-Day Remediation workaround will help protect customers while they wait for an official patch from Microsoft, and can be uninstalled once the Microsoft patch is made available. 

Paul Zimski, director of product and market strategy at PatchLink, said, “While the current botworm exploits are unsophisticated, there is considerable danger that more sophisticated attacks could be in the works.

“The DNS servers are a particularly high value target because a hacker that ‘owns’ DNS servers can perform a ‘man in the middle’ attack. Although this attack isn't going to hit every desktop, it is very serious."

DNS worm strikes at Microsoft server flaw >>

Microsoft rates DNS Server flaw as dangerous >>

Comment on this article:

David Lacey’s security blog >>
The latest ideas, best practices, and business issues associated with managing security

Stuart King’s risk management blog >>
Dealing with the operational challenges of information security and risk management

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy