News

DNS Problem Is 'Important' To Patch, Microsoft Says

Microsoft issued a formal security advisory with an "urgent warning" to patch a general Domain Name System vulnerability that can enable spoofing attacks.

Microsoft issued a formal security advisory on Friday addressing what IT security pros are calling an "urgent warning" to patch a general Domain Name System (DNS) vulnerability that can enable spoofing attacks. Redmond recommends installing a previously released "important" DNS patch as soon as possible.

The advisory comes almost immediately after H.D. Moore, a hacker and researcher who created the Metasploit vulnerability testing framework, published the attack code in two parts on Wednesday and late Thursday. The code was posted at several security mailing lists and at the Computer Academic Underground Web site.

According to the summary of the exploits, the first one enables a hacker to corrupt the cache in a DNS server. The other exploit is multifaceted and rotates, giving the attacker a shot at a larger amount of domain names through a single entry. Experts say the latter exploit could result in thousands of fake addresses inserted into a DNS server's cache.

In its latest bulletin, Microsoft noted that "attacks are likely imminent" because of the availability of exploit code.

"Since the coordinated release of these updates, the threat to DNS systems has increased due to a greater public understanding of the attacks, as well as detailed exploit code being published on the Internet," the advisory stated.

Reacting to the advisory, IT security pros are saying that Microsoft's statements vindicate the assertions of critics who thought the risk considerations regarding the DNS patch were underplayed.

"While Microsoft admits no active attacks on their radar, and they labeled the patch as 'important,' they are also subtlety saying that everyone needs to patch now because the risk is pretty large," said Andrew Storms, director of security for San Francisco-based nCircle, in an interview with Redmondmag.com on Friday.

IT security pros do admit that the DNS discourse and subsequent exploit release spiraled faster and further than Microsoft could have anticipated.

"The magnitude of the big-picture problem is probably more clear now than when Microsoft released the patch, especially now that exploit code is out and has the capability of significant disruption of all DNS-dependent network activity," said Don Leatham, director of solutions and strategy at Lumension Security in Scottsdale, Ariz.

Leatham suggested scrutiny of the fine print in Microsoft's latest DNS security bulletin.

"We've not seen an inordinate number of inquires on the installation issues. However people should pay special attention to the FAQ for this bulletin, as it has been updated multiple times as issues have been discovered."

While Microsoft touts its DNS vulnerability patch as a safe haven, there are still some issues with actually getting it installed in some Windows programs.

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.

comments powered by Disqus

Featured

  • Mastering Blazor Authentication and Authorization

    At the Visual Studio Live! @ Microsoft HQ developer conference set for August, Rockford Lhotka will explain the ins and outs of authentication across Blazor Server, WebAssembly, and .NET MAUI Hybrid apps, and show how to use identity and claims to customize application behavior through fine-grained authorization.

  • Linear Support Vector Regression from Scratch Using C# with Evolutionary Training

    Dr. James McCaffrey from Microsoft Research presents a complete end-to-end demonstration of the linear support vector regression (linear SVR) technique, where the goal is to predict a single numeric value. A linear SVR model uses an unusual error/loss function and cannot be trained using standard simple techniques, and so evolutionary optimization training is used.

  • Low-Code Report Says AI Will Enhance, Not Replace DIY Dev Tools

    Along with replacing software developers and possibly killing humanity, advanced AI is seen by many as a death knell for the do-it-yourself, low-code/no-code tooling industry, but a new report belies that notion.

  • Vibe Coding with Latest Visual Studio Preview

    Microsoft's latest Visual Studio preview facilitates "vibe coding," where developers mainly use GitHub Copilot AI to do all the programming in accordance with spoken or typed instructions.

  • Steve Sanderson Previews AI App Dev: Small Models, Agents and a Blazor Voice Assistant

    Blazor creator Steve Sanderson presented a keynote at the recent NDC London 2025 conference where he previewed the future of .NET application development with smaller AI models and autonomous agents, along with showcasing a new Blazor voice assistant project demonstrating cutting-edge functionality.

Subscribe on YouTube