Microsoft patch plugs weakness in Windows URI handling

Microsoft shipped out a duo of patches in November but only one is deemed critical.

This Content Component encountered an error

Important update targets spoofing

This update concerns one of my favorite topics, spoofing. I've found that the term spoofing is tossed around like a great bogeyman when the reality is that in many (if not most) cases, spoofing is not a trivial task and generally requires a significant amount of knowledge about you are trying to spoof.

This vulnerability is no different. Essentially, it requires that an attacker be able to guess (or know) the proper transaction value to use when responding to a DNS request, thereby allowing the attacker to provide a response that could direct the target to the wrong IP address of a given resource. Given the complexity of actually pulling off the exploit, you should definitely apply the update under Defense in Depth, but for many environments, the risk assessment of this issue will probably be fairly low.

About the author: Wesley J. Noonan has been working in the computer industry for more than 12 years specializing in Windows-based networks and network infrastructure security design and implementation. He is a staff quality engineer for NetIQ Corp. working on the security management product line. Wes is the author of Hardening Network Infrastructure and is a contributing/co-author for The CISSP Training Guide by QUE Publishing, Hardening Network Security and Firewall Fundamentals. Wes is also the technical editor for Hacking Exposed: Cisco Networks. Wes is a contributor to Redmond magazine, writing on the subjects of network infrastructure and security.

Dig deeper on Endpoint security management tools

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchVirtualDesktop

SearchWindowsServer

SearchExchange

Close