New WINS Exploits Making RoundsBy Ryan Naraine | Posted 2005-01-04 Email Print
Re-Thinking HR: What Every CIO Needs to Know About Tomorrow's Workforce
Researchers find a startling increase in hacker probes directed at Microsoft's Windows Internet Name Service.Almost a month after Microsoft released a fix for a security issue in the WINS (Windows Internet Name Service) name server, malicious exploits continue to haunt tardy network administrators.
According to an alert from the SANS ISC (Internet Storm Center), there has been a startling increase in hacker probes directed at TCP port 42 and UDP 42, which handle WINS services.
"If you have not patched your WINS servers in respective companies or campuses, beware. Patching these systems is now overdue," the center warned.
The vulnerability, first detected last November, occurs in the way the WINS server handles computer name validation and association context validation.
WINS is a NetBIOS name server used to determine the IP address associated with a particular network computer.
Check out eWEEK.com's for Microsoft and Windows news, views and analysis.