One of 12 today...but since it's DNS related
Microsoft Security Bulletin MS06-041 Vulnerability in DNS Resolution
Could Allow Remote Code Execution (920683):
http://www.microsoft.com/technet/security/Bulletin/MS06-041.mspx
For an attack to be successful the attacker would either have to be on a
subnet between the host and the DNS server or force the target host to
make a DNS request to receive a specially crafted record response from
an attacking server.
(and Brett...just a FYI... in my twig forest... any attacker that ends
up on a subnet between a host and my DNS server [aka the Kitchen sink
service server] ... that attacker is dead meat and has a 2x4 aimed his
way... one advantage of being little)
Your patch folks may be calling up you AD guys for testing passes.
Workarounds:
*Block DNS related records at network gateways*
Blocking the following DNS record types at network gateways will help
protect the affected system from attempts to exploit this vulnerability.
•
ATMA
•
TXT
•
X25
•
HINFO
•
ISDN DNS
--
Letting your vendors set your risk analysis these days?
http://www.threatcode.com
If you are a SBSer and you don't subscribe to the SBS Blog... man ... I will
hunt you down...
http://blogs.technet.com/sbs
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
