Security Research & Defense

Information from Microsoft about vulnerabilities, mitigations and workarounds, active attacks, security research, tools and guidance

Browse by Tags

Related Posts
  • Blog Post: Vulnerabilities in DNS Server Could Allow Remote Code Execution

    Today we released MS11-058 to address two vulnerabilities in the Microsoft DNS Service. One of the two issues, CVE-2011-1966, could potentially allow an attacker who successfully exploited the vulnerability to run arbitrary code on Windows Server 2008 and Windows Server 2008 R2 DNS servers having a particular...
  • Blog Post: MS07-065 - The case of the significant suffix

    MS07-065 fixed a vulnerability in the Message Queueing service. On Windows 2000, a remote anonymous attacker could use this vulnerability to run code as local system on unpatched machines. Windows XP added defense-in-depth hardening to disallow remote access for this service that does not need to be...
  • Blog Post: MS08-020 : How predictable is the DNS transaction ID?

    Today we released MS08-020 to address a weakness in the Transaction ID (TXID) generation algorithm in the DNS client resolver. The TXID is a 16-bit entity that is primarily used as a synchronization mechanism between DNS servers/clients; in fact, you can think of it as an Initial Sequence Number (ISN...
  • Blog Post: MS08-037 : More entropy for the DNS resolver

    We released security bulletin MS08-020 two months ago to improve the DNS transaction ID entropy. You can read more about the MS08-020 algorithm change in this blog entry . Increasing the entropy makes it more difficult for attackers to spoof DNS replies. Today, we released MS08-037 to further increase...
  • Blog Post: MS09-008: DNS and WINS Server Security Update in More Detail

    After releasing security update MS09-008 , we received a number of questions on the WPAD issue ( CVE-2009-0093 ) addressed in the update. There are claims that this update is ineffective. Let me be clear that this update will protect you and it should be deployed as soon as possible. Below is an overview...