The Inquirer-Home
Software

Recent Microsoft patch useless

If you have been turned over already
By Nick Farrell
Mon Mar 16 2009, 14:09

VOLE SEEMS TO HAVE BOTCHED its MS09-008 patch which was designed to fix the Man-In-The-Middles attacks on Windows DNS and WINS. While it works for machines that have never seen or heard of the exploit, it cannot help those which have already been infected.

Tyler Reguly, a researcher on nCircle's VERT team, pointed out that the patch checks to see which entries have been created in the DNS server and only adds block list entries for values not already being served.

Vole said the patch worked like it was supposed to, and was not meant to protect people who had already fallen to the exploit... so there. μ

L'Inq
Tech Herald

Share this:

< Previous article| Next article >
blog comments powered by Disqus
Advertisement
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

INQ White papers

Databases

Network management

Security

Service oriented architecture

Storage
Advertisement
INQ Jobs
INQ Poll

PRISM snooping programme uncovered

Will PRISM make you leave Facebook and Google?

View other polls
Follow us:
Business & Technology websites:
Business research resources:
Products:
Investment Market IT websites:
Find out what you are worth:
Search for a job:
Recruitment Agency A-Z Directory
Accreditations: