Daily cyber threats and internet security news: network security, online safety and latest security alerts
August 19th, 2009

Microsoft WINS Vulnerability Under Attack

Just one week after Microsoft issued a fix for a worm hole in the Windows Internet Name Service (WINS), malicious hackers have started launching attacks against unpatched systems.

The attacks, first spotted by the SANS Internet Storm Center, are hitting Microsoft Windows users who have not yet applied the MS09-039 update.

The MS09-039 update, released earlier this month on Patch Tuesday, is rated “critical” and Microsoft warned at the time that it expected to see dangerous exploit code within 30 days.

According to SANS ISC, there has been a sharp spike in Internet activity associated with TCP Port 42 in recent days. The vulnerability in question allows remote code execution attacks via specially crafted WINS replication packet to an affected system running the WINS service.

According to the IDG News Service, the attacks are originating from IP addresses in China.

Credit: Security Blogs

Share this item with others:

More on CyberInsecure:
  • Monthly Microsoft Patch Fixes Critical Windows Kernel, WINS Vulnerabilities
  • Cross-Domain Vulnerability In Microsoft Internet Explorer 6
  • Microsoft Word Unspecified Remote Code Execution Vulnerability
  • Word Vulnerability In Microsoft Jet Database
  • Microsoft Releases Emergency Patch For Critical Windows Vulnerability

  • If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Microsoft WINS Vulnerability Under Attack

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.