ISS announced that it has discovered critical flaws in the Microsoft Domain Name System (DNS) client and has provided pre-emptive protection for them since February 2006.
ISS is providing customers with security content and protection for all of the vulnerabilities disclosed by Microsoft yesterday, including a flaw in the Microsoft Server Service, which X-Force predicts could soon be used by attackers to create an Internet worm.
“The Microsoft DNS client flaws discovered by X-Force are of particular concern because the vulnerable DNS client is installed on all current Windows platforms,” said Alain Sergile, technical product manager of X-Force, the research division of Internet Security Systems. “Through these vulnerabilities, an attacker can answer a DNS query with a malicious response, triggering a heap corruption and gaining complete, unauthorised control of an affected machine.”
The Microsoft DNS client is an internal library supplied with Windows that is used to resolve domain names to IP addresses. X-Force has discovered three separate vulnerabilities in the DNS code.
The Microsoft Server Service provides basic Windows networking services such as file and printer sharing. The flaw announced by Microsoft today leaves it vulnerable to remote code execution.