Crooks Exploiting New Windows DNS Flaw

[HardOCP News]

Microsoft is warning customers that crooks are exploiting an unpatched security flaw in Windows 2000 Server and Windows 2003 Server. The company says that an attacker could exploit the hole by sending a specially crafted RPC packet to an vulnerable system.

The attacks target Windows 2000 Server and Windows Server 2003 systems through a hole in the Domain Name System, or DNS, service, Microsoft said in a security advisory. The attacks happen by sending rigged data to the service, which by design is meant to help map text-based Internet addresses to numeric Internet Protocol addresses.

 

[srangara]

DNS--Bah! Scrap the Internet, I say!