August 10, 2006; 08:50 AM

Internet Security Systems, Inc. (ISS) (NASDAQ: ISSX), the worldwide
leader in pre-emptive, enterprise security, today announced that it has
discovered and provided pre-emptive protection for critical flaws in
the Microsoft Domain Name System (DNS) client since February 2006. ISS
is providing customers with security content and protection for all of
the vulnerabilities disclosed by Microsoft yesterday, including a flaw
in the Microsoft Server Service, which X-Force predicts could soon be
used by attackers to create an Internet worm.
"The Microsoft DNS client flaws discovered by X-Force are of particular
concern because the vulnerable DNS client is installed on all current
Windows platforms," said Alain Sergile, technical product manager of
X-Force, the research division of Internet Security Systems. "Through
these vulnerabilities, an attacker can answer a DNS query with a
malicious response, triggering a heap corruption and gaining complete,
unauthorised control of an affected machine."
The Microsoft DNS client is an internal library supplied with Windows
that is used to resolve domain names to IP addresses. X-Force has
discovered three separate vulnerabilities in the DNS code.
"In addition to paying particular attention to the DNS flaws, ISS
advises organisations to place priority on patching the Microsoft
Server Service," said Gunter Ollmann, director of ISS X-Force. "Because
the service runs by default on Windows machines, and a successful
compromise of an affected version leaves the attacker in complete
control of the targeted host, this type of vulnerability is
traditionally a common vector for worm exploitation."
The Microsoft Server Service provides basic Windows networking services
such as file and printer sharing. Through the flaw announced by
Microsoft today, it is vulnerable to remote code execution.
The unique intelligence of X-Force is infused into all ISS products and
services, including the company's Virtual Patch® technology, enabling
the company to pre-emptively protect customers from the world's most
dangerous security events before impact. Since its inception in 1997,
X-Force has consistently rivalled independent researchers and other
security vendors with its cutting-edge vulnerability discoveries.
Further details on these vulnerabilities and ISS discoveries can be found in the ISS X-Force advisories and alert at: http://xforce.iss.net/
Microsoft's security bulletin addressing these issues can be found at: http://www.microsoft.com/technet/security/current.aspx