New MS DNS Vulnerability creeping up?
We are currently investigating a possible exploit with MS, Active Directory, and DNS.  At this point the information looks solid, provided initially by Bill O. for review.  Further information has been provided by Bill, who is working on contacting MS, as things have progressed.  Looking at the description of the attack method, it looks solid based on my experience with MS.  If anybody has any scans from the range, I would be very interested in seeing full captures.

We will keep you posted as things progress.  I will be sending on what we have discovered as well to MS tomorrow.  It is 0130EST right now in the US, I will be passing the findings on to the other Handlers for review and input later this morning.

150 Posts
ISC Handler
Apr 7th 2007

Sign Up for Free or Log In to start participating in the conversation!