By Tim Gray TechNewsWorld Part of the ECT News Network
04/19/07 11:14 AM PT
Redmond said it will release a fix to a critical Windows DNS flaw that opens a hole for phishing attacks and other e-mail disruptions, but no date has been set. Security experts warned of an increased number of attacks after the code for at least four of the exploits was published on the Web last weekend.
Success is just a matter of knowing the right "secrets." Download the free eBook, "The Edge of Success: 9 Building Blocks to Double Your Sales." You will discover the fastest, most effective ways to grow your business and still have time to live your life.
Microsoft (Nasdaq: MSFT) on Wednesday announced plans to offer a fix to a critical flaw in Windows Domain Name System (DNS) servers that is currently being exploited by cybercriminals.
The zero-day flaw, found on servers running Windows Server 2000 Service Pack 4 and Windows Server 2003 Service Pack 1 and Service Pack 2, gives attackers full control over infected computers via an Internet Relay Chat channel.
The public release of computer code that exploits the yet-to-be-patched Windows security hole has put pressure on Redmond to release a patch prior to its next patch cycle on May 8.
The flaw opens a hole for phishing attacks, directory services problems and other types of e-mail disruptions, according to Microsoft.
Widespread Exploit
Security experts are warning that at least four exploits of the DNS flaw were published on the Internet last weekend, raising concerns over the possibility of widespread attacks.
Once the code was published, Symantec (Nasdaq: SYMC) raised its risk level and warned of an expected increase in attacks.
On Monday, security experts revealed that variants of the Rinbot (or Nirbot) worm had been scanning networks for vulnerable systems and then attempting to exploit the DNS vulnerability.
Limited Attack Cited
Microsoft last week reported a "limited attack" on systems due to the flaw, but that was before the exploit's code was widely published on the Web.
"We are aware, though, of public disclosure of proof-of-concept code to exploit the vulnerability," Christopher Budd, a Microsoft Security Response Center spokesperson, wrote on the company's security blog.
"Attacks are still limited," he added.
Users of vulnerable systems should apply the workarounds that are available on Microsoft's security bulletin page.
Fast-Moving Worm
Although the publication of the code has raised alarms in many quarters, properly protected servers should not be vulnerable, according to security vendor Sophos.
The flaw in Microsoft's code may have been around for a only a few days, but it didn't take long for hackers to take advantage of it, Graham Cluley, senior technology consultant for Sophos, told TechNewsWorld.
"Time and time again, hackers are forcing companies like Microsoft to scramble around to develop, test and roll out a software patch," Cluley noted.
Keeping Watch
Although Microsoft has not provided an estimate of when the fix will be ready for download, its teams around the world are "working on it 24 hours a day," according to Budd.
"However, this is a developing situation and we are constantly evaluating the situation and the status of our development and testing of updates," Budd said in his blog.
The DNS breach is the latest in a recent string of security flaws affecting Microsoft's software.
The Mushrooming Menace of Keyloggers April 18, 2007
"Most modern keyloggers are considered to be legitimate software or hardware and are sold on the open market. However, there is an ethical boundary between justified monitoring and monitoring for the purpose of stealing confidential user information -- a boundary marked by a very fine line," said Nikolay Grebennikov, deputy director of Kaspersky Lab's R&D department.
Related Stories
iPod Proof-of-Concept Virus: No Teeth, No Legs April 06, 2007
Podloso, the iPod proof-of-concept virus discovered by Kaspersky Lab, doesn't amount to a significant threat, since it can't spread and it affects only Linux iPods. However, it hints at dark days to come for fans of the popular music and video player if more-insidious types of iPod malware should be developed.
Mac Malware: Slow but Steady Evolution February 15, 2007
The number of OS X security vulnerabilities is on the rise, which may have something to do with Apple's growing personal computer market share. Still, the operating system remains an infrequent victim for malware hackers compared to Windows systems. Though incidents are increasing, most malware targeting OS X remains one-off, proof-of-concept code.
Study Suggests Mobile Malware Storm Brewing February 13, 2007
The number of mobile malware attacks is on the rise, according to a study by the Informa Telecoms & Media that was sponsored by McAfee. Eighty-three percent of mobile operators surveyed have been hit by device infections -- five times more than the number of incidents in 2005. Also, mobile operators spent much more time in dealing with these threats -- 700 percent more.
Related News Alerts
More by Tim Gray
Blockbuster Lowers Subscriptions Rates June 13, 2007
Blockbuster will now offer a new plan allowing customers to place online orders to rent three movies at a time for $16.99, a dollar less than its previous top-tiered offering, called Total Access. The movies are mailed to the customer. Blockbuster is losing money on the online business but says it will be profitable next year as orders rise.
Toshiba Slashes HD DVD Sales Targets June 12, 2007
Toshiba now expects to sell 44 percent fewer HD DVD players than forecast this year. The slump comes at a critical time for the company, as the market still has not shown which high definition disc player format will dominate. Blu-ray Disc technology, rival of the HD DVD format, already has a foothold in 170 major companies.
Jobs: We Also Make Computers June 12, 2007
Apple provided at its annual developer conference a peek at some of the 300 new features of "Leopard," the company's latest operating system, which is slated for October release. The computer maker will also make its Safari Web browser available for users of Microsoft's Windows operating system.
Headline Feeds
disruptions, according to Microsoft.
Talkback: 
