Security firm PatchLink has issued an emergency workaround to identify the Domain Name System (DNS) Server Service vulnerability in Windows Server platforms, and enable users to temporarily defend themselves against exploits in the wild.
PatchLink’s automated DNS Zero-Day Remediation patch enables customers to identify if they are vulnerable, determine where the impacted DNS servers are located, and block known attack vectors to mitigate risks to their IT environment.
Microsoft issued a security advisory last week about targeted attacks exploiting a vulnerability in the Windows DNS Server, and on Monday, announced that a worm appeared on the internet using the flaw.
The DNS Zero-Day Remediation workaround will help protect customers while they wait for an official patch from Microsoft, and can be uninstalled once the Microsoft patch is made available.
Paul Zimski, director of product and market strategy at PatchLink, said, “While the current botworm exploits are unsophisticated, there is considerable danger that more sophisticated attacks could be in the works.
“The DNS servers are a particularly high value target because a hacker that ‘owns’ DNS servers can perform a ‘man in the middle’ attack. Although this attack isn't going to hit every desktop, it is very serious."
DNS worm strikes at Microsoft server flaw >>
Microsoft rates DNS Server flaw as dangerous >>
Comment on this article: [email protected]
David Lacey’s security blog >>
The latest ideas, best practices, and business issues associated with managing security
Stuart King’s risk management blog >>
Dealing with the operational challenges of information security and risk management