Vulnerability found in Microsoft WINS

CIOL Bureau
Updated On
New Update

NEW DELHI: A 'moderately critical' vulnerability has been detected in Microsoft's Windows Internet Name Service (WINS), a component of its most popular server software, including Windows NT 4.0 Server, Windows 2000 Server, and Windows Server 2003. Said an online report.


The vulnerability has been tagged as 'moderately critical' by Danish security firm Secunia, while SANS Institute's Internet Storm Center has advised the users to take precautions until a fix for the same is released.

According to a posting on Microsoft's support center, "this security issue could make it possible for an attacker to take control of a WINS server remotely." Microsoft has advised the network administrators to remove WINS if not required and/or block TCP and UDP ports 42 at the firewall.

More information on how-to protect WINS-running servers can be found on the Microsoft Web site.