Don't Hold Your Breath for a MS DNS Hole Patch
Security Watch
SHARE
Facebook X Pinterest WhatsApp

Don’t Hold Your Breath for a MS DNS Hole Patch

Written By
Lisa Vaas
Lisa Vaas
Apr 18, 2007
2 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

Microsoft says it hopes to patch the hole in its Domain Name System Server—which is now leaving vulnerable PCs open to a worm attack—by “no later” than Patch Tuesday in May.

Microsoft teams are working around the world and around the clock to get a fix out for the May 8 security bulletin release, the MSRC’s Christopher Budd wrote in the security center’s blog on Tuesday night.

Budd said that Microsoft teams are now developing and testing 133 separate updates, including one in every language for every currently supported version of Windows servers.

“Each of these has to be tested to ensure they effectively protect against the vulnerability,” Budd said. “Because DNS is a critical part of the networking infrastructure, they also have to be tested to ensure that changes introduced by the updates don’t pose a greater risk than the security issue we’re addressing.”

Microsoft has updated its Windows Live Safety Scanner and Windows Live One Care overnight to protect customers from attack. As part of the company’s SSIRP (Software Security Incident Response Process) the company has also fed information to MSRA partners so their products can better protect customers. Microsoft has also been working with its partners in the Global Infrastructure Alliance for Internet Safety (GIAIS) program to stem the spread of attacks.

Budd also said that Microsoft has been working through the night with its MSRA (Microsoft Security Response Alliance) partners and so far has not seen widespread attacks.

However, he said, the zero-day vulnerability, which was discovered last week, and the subsequent attacks—which culminated in the launch of a worm attack mere days after Microsoft first noted exploits of the flaw—constitute a “developing situation” that could impact the status of Microsoft’s patching and testing process, Budd said.

Microsoft is yet again urging users to deploy workarounds presented in its security advisory, saying that the workarounds are an effective protection against the attacks seen to date. In particular the company wants users to evaluate the key workaround and to make sure they’re using the latest signatures for their security protection products.
Lisa Vaas
eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

facebook
linkedin
youtube
rss
x

Company

About us Contact us Advertise with us

Categories

Latest News Resources Artificial Intelligence Video Big Data & Analytics Cloud Networking

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Terms of Service Privacy Policy California - Do Not Sell My Information