Windows DNS Server’s RPC interface

If you aren’t already aware from press articles or the Microsoft Security Advisory, there are reports of an attack exploiting a vulnerability in the DNS Server Service in Windows 2000 Server SP4, Windows Server 2003 SP1, and Windows Server 2003 SP2. The attack could allow remote code execution.

Folks in the MSRC say, “At this time, the attack does not appear widespread.” The FAQ with the Security Advisory says, “Microsoft is completing development of a security update for Windows that addresses this vulnerability” … and they offer some work-arounds in the mean time.

Finally, here’s guidance for customers:

Customers who believe they are affected can contact Product Support Services. Contact Product Support Services in North America for help with security update issues or viruses at no charge using the PC Safety line (1-866-PCSAFETY). International customers can use any method found at this location: http://support.microsoft.com/security. International customers can receive support from their local Microsoft subsidiaries. There is no charge for support that is associated with security updates. For more information about how to contact Microsoft for support issues, visit the International Support Web site.

Patrick