Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
Search
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Microsoft Confirms WINS Flaw

    By
    Ryan Naraine
    -
    November 29, 2004
    Share
    Facebook
    Twitter
    Linkedin

      Microsoft Corp. has issued a workaround for a newly discovered security issue in WINS (Windows Internet Name Service) that could lead to malicious code execution.

      Just days after research outfit Immunity Inc. issued an advisory, Redmond confirmed that the WINS vulnerability could make it possible for an attacker to take control of a WINS server remotely.

      The issue affects Microsoft Windows NT 4.0 Server, Microsoft Windows NT Server 4.0 Terminal Server Edition, Windows 2000 Server, and Windows Server 2003.

      Windows 2000 Pro, Windows XP and Windows Millennium Edition (ME) are not affected by this vulnerability, according to the company. By default, WINS is not installed on any versions of Microsoft Windows.

      Secunia released a separate advisory with a “moderately critical” flaw rating.

      WINS is a NetBIOS name server used to determine the IP address associated with a particular network computer. The flaw exists in the WINS replication feature that allows one or more WINS servers to exchange information with each other about the computers on their respective networks.

      In a Knowledge Base article released Sunday, the software giant recommended that WINS users block TCP port 42 and UDP 42 at the firewall level.

      “These ports are used to initiate a connection with a remote WINS server,” the article said. “Blocking these ports at the firewall will help prevent systems that are behind that firewall from being attacked by attempts to exploit this vulnerability. It is possible that other ports may be found that could be used to exploit this vulnerability.

      “The ports that are listed are the most common attack vectors. We recommend blocking all incoming unsolicited communication from the Internet.”

      Microsoft officials also said organizations that dont need WINS should remove it from affected Windows systems. Detailed instructions for removing WINS is provided in the companys workaround notice.

      /zimages/2/28571.gifClick here to read about a flaw in Microsofts ISA Server that could allow an attacker to spoof trusted Internet content.

      Affected customers should also consider using the IP Security protocol to secure traffic between WINS Server Replication Partners.

      Microsoft said a full-fledged fix is in development and will be released as part of its monthly patching cycle.

      It is the second time this year that Microsoft will be releasing a fix for WINS. In February, the companys MS04-006 patch corrected a code-execution bug in the method used by WINS to validate the length of specially crafted packets.

      /zimages/2/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.

      Avatar
      Ryan Naraine

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      Zeus Kerravala - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      Wayne Rash - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Information

      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×