Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Vulnerability protection

DNS server vulnerability could allow denial of service


Report ID: MS201203001
Date Published: 14 March 2012

Criticality: Important
Compromise Type: denial-of-service
Compromise From: remote


Affected Product/Component:

Windows Server 2003
Windows Server 2008
Windows Server 2008 R2




Summary

A vulnerability in DNS server caused by improper handling of objects in memory could be used in a denial of service attack.



Detailed Description

Microsoft has released a security update for its Windows Server products following a report on a denial of service vulnerability. The vulnerability exists when a Domain Name System (DNS) server fails to properly handle objects in memory while looking up a resource record. Upon successful exploit, tt could cause the target system to stop responding and restart.

This issue has been resolved in the latest security update, which modifies the way that the DNS server handles object in memory. Users are recommended to install this update to protect their system from potential exploit.



CVE Reference

CVE-2012-0006



Solution

Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms12-017)




Security Advisories

For a list of known vulnerabilities affecting F-Secure products and the released fixes, please refer to the Security Advisories page.