Welcome to TechNet Blogs Sign in | Join | Help

Browse by Tags

All Tags » dns   (RSS)
Friday, March 13, 2009 3:57 PM

MS09-008: DNS and WINS Server Security Update in More Detail

After releasing security update MS09-008 , we received a number of questions on the WPAD issue ( CVE-2009-0093 ) addressed in the update. There are claims that this update is ineffective. Let me be clear that this update will protect you and it should
Posted by swiblog | (Comments Off)
Tuesday, July 08, 2008 10:00 AM

MS08-037 : More entropy for the DNS resolver

We released security bulletin MS08-020 two months ago to improve the DNS transaction ID entropy. You can read more about the MS08-020 algorithm change in this blog entry . Increasing the entropy makes it more difficult for attackers to spoof DNS replies.
Posted by swiblog | (Comments Off)
Wednesday, April 09, 2008 9:00 AM

MS08-020 : How predictable is the DNS transaction ID?

Today we released MS08-020 to address a weakness in the Transaction ID (TXID) generation algorithm in the DNS client resolver. The TXID is a 16-bit entity that is primarily used as a synchronization mechanism between DNS servers/clients; in fact, you
Posted by swiblog | (Comments Off)
Filed under: ,
Thursday, December 27, 2007 1:28 PM

MS07-065 - The case of the significant suffix

MS07-065 fixed a vulnerability in the Message Queueing service. On Windows 2000, a remote anonymous attacker could use this vulnerability to run code as local system on unpatched machines. Windows XP added defense-in-depth hardening to disallow remote
Posted by swiblog | 2 Comments
Filed under: , ,
 
Page view tracker