Threat Level: green Handler on Duty: Jim Clausing

SANS ISC: New MS DNS Vulnerability creeping up? SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
New MS DNS Vulnerability creeping up?
We are currently investigating a possible exploit with MS, Active Directory, and DNS.  At this point the information looks solid, provided initially by Bill O. for review.  Further information has been provided by Bill, who is working on contacting MS, as things have progressed.  Looking at the description of the attack method, it looks solid based on my experience with MS.  If anybody has any scans from the 61.63.xxx.xxx range, I would be very interested in seeing full captures.

We will keep you posted as things progress.  I will be sending on what we have discovered as well to MS tomorrow.  It is 0130EST right now in the US, I will be passing the findings on to the other Handlers for review and input later this morning.
Tony

150 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!