Microsoft admits it doesn't have a fix for exploit in Windows servers [Archive]

View Full Version : Microsoft admits it doesn't have a fix for exploit in Windows servers

eddie

21-04-2007, 03:21 AM

Source: Microsoft Security Advisory (http://www.microsoft.com/technet/security/advisory/935964.mspx)

While the list of exploits trying to take advantage of a serious DNS flaw in Microsoft's Server Operating Systems keeps growing in size (http://securitywatch.eweek.com/exploits_and_attacks/list_of_malicious_ms_dns_flaw_exploits_still_growi ng.html), the company told users that it does not have a fix at hand. Instead, Microsoft is telling administrators to use a workaround (http://securitywatch.eweek.com/exploits_and_attacks/microsoft_urges_workaround_as_worm_hits_unpatched_ dns_flaw.html) while the company tries to get a patch out of the door. Though, according to Microsoft Security Response Center (http://blogs.technet.com/msrc/archive/2007/04/17/update-on-microsoft-security-advisory-935964.aspx) you should not hold your breath (http://securitywatch.eweek.com/exploits_and_attacks/dont_hold_your_breath_for_a_ms_dns_hole_patch.html ) for the patch as the same may not be available till next month.

Affected Software are
Microsoft Windows 2000 Server Service Pack 4
Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 Service Pack 2

mediator

21-04-2007, 07:32 PM

No fix for exploit in windows server? :shock:

techtronic

21-04-2007, 07:51 PM

I hope this does not have the Blaster/Sasser Effect Magnitude :mad:

eddie

22-04-2007, 02:57 AM

No fix for exploit in windows server? :shock: So much for security haan? :p Servers being their most secure offerings...hehehe...

freebird

22-04-2007, 04:13 AM

now dear,pls beat open source as someone posted in other section (http://www.thinkdigit.com/forum/showthread.php?t=55760).:eek::mad:

praka123

22-04-2007, 05:00 AM

Isnt MSFT uses akamai's Linux powered DNS servers for their own sites? www.microsoft.com :))

kalpik

22-04-2007, 09:12 AM

^^ Pawnd!

eddie

23-04-2007, 02:25 AM

I guess they used those servers when Blaster was rampant. Are they still using them?

freebird

23-04-2007, 04:02 AM

hmm...is netcraft that reliable!needs to try `nmap -O' or someother ways!
http://www.linuxquestions.org/questions/showthread.php?t=518762&highlight=netcraft

praka123

23-04-2007, 04:23 AM

^ just a telnet try will show u"
:
root@ubuntu:~# telnet www.microsoft.com http
Trying 207.46.199.60...
Connected to lb1.www.ms.akadns.net. yet again akamai>!?
Netcraft can lie!but i dont check whether akmai runs windows :)=they cleverly hides? Linux

s18000rpm

23-04-2007, 08:51 AM

^^ Pawnd! it should be Pwned not pawnd :p

Pwned :p

:D

gx_saurav

23-04-2007, 11:03 AM

bad move from MS, they deserve some spanking. It is windows server, it should be there first priority