New WINS Exploits Making Rounds

 
 
By Ryan Naraine  |  Posted 2005-01-04 Email Print this article Print
 
 
 
 
 
 
 

Researchers find a startling increase in hacker probes directed at Microsoft's Windows Internet Name Service.

Almost a month after Microsoft released a fix for a security issue in the WINS (Windows Internet Name Service) name server, malicious exploits continue to haunt tardy network administrators.

According to an alert from the SANS ISC (Internet Storm Center), there has been a startling increase in hacker probes directed at TCP port 42 and UDP 42, which handle WINS services.

"If you have not patched your WINS servers in respective companies or campuses, beware. Patching these systems is now overdue," the center warned.

Last month, Microsoft released the MS04-045 patch with a warning that a successful exploit could take complete control of an affected system, including installing programs; viewing, changing or deleting data; or creating new accounts that have full privileges.

The vulnerability, first detected last November, occurs in the way the WINS server handles computer name validation and association context validation.

WINS is a NetBIOS name server used to determine the IP address associated with a particular network computer.

Check out eWEEK.coms for Microsoft and Windows news, views and analysis.
 
 
 
 
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
Thanks for your registration, follow us on our social networks to keep up-to-date
Rocket Fuel