Dangerous DNS server bug in Longhorn code, too
Microsoft Corp.'s troubles with its newest operating systems continued today as it confirmed that an unpatched vulnerability in its current server software also exists in the still-beta code for Longhorn Server. "Yes, Longhorn Server is affected," a Microsoft spokeswoman said today in an e-mail.
According to a security advisory released late yesterday, a zero-day vulnerability in the Domain Name System (DNS) Server Service in Windows 2000 Server (SP4) and Windows Server 2003 (SP1 and SP2) is being exploited by attackers, who send malformed RPC packets to the server.
[ Read more ]