RCPmag

Open Menu Open Menu


News

WINS Exploit Posted

Security experts are warning users to lock down unused ports after an exploit surfaced for an unpatched flaw in Microsoft WINS.

"There is some activity with irresponsible released exploits against WINS. As a precaution [until] Microsoft gets a chance to release a patch for it, we can only reiterate the urgent and continued need to make sure you block the unneeded ports in your firewalls (either the XP2 or the corporate firewall)," the SANS Insitute handler on duty wrote in the security training company's daily security diary on Sunday.

Candidate ports for lockdown are port 42, 137-139 and 445, both TCP and UDP.

While it's unclear how big of a threat the vulnerability poses, the existence of exploit code makes the issue worth taking seriously. Microsoft's next Patch Tuesday, the day each month when the company releases all of its security patches, doesn't fall until Dec. 14.

A Microsoft spokesperson said, "Microsoft is currently already working on providing an update to address this vulnerability as part of our normal monthly update process. As soon as this update has reached an appropriate level of quality so that customers may deploy it with confidence, Microsoft will provide the update through Windows Update, either through the monthly release process or as an out-of-band update depending on quality and customer needs."

WINS stands for Windows Internet Naming Service. The service translates NetBIOS names, the easily remembered Windows machine names, to corresponding IP addresses. Microsoft has been phasing the technology out since launching Windows 2000, but the service remains fairly common.

The Microsoft spokesperson noted that WINS is not enabled by default and isn't normally configured on Internet facing servers. The spokesperson said Microsoft has not been made aware of any active exploits or customer impacts so far.

Microsoft has a Knowledge Base article (890710) about the issue at http://support.microsoft.com/kb/890710.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Featured

  • Microsoft Opens Azure Sentinel Marketplace for Partner Solutions

    Microsoft recently announced preview releases of several Azure Sentinel improvements, including connectors for partner solutions within Azure Sentinel.

  • 2021 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.

  • The 2021 Microsoft Product Roadmap

    From Windows 10X to the next generation of Microsoft's application server products, here are the product milestones coming down the pipeline in 2021.

  • After High-Profile Attacks, Biden Calls for Better Software Security

    Recent high-profile security attacks have prompted the Biden administration to issue an executive order aiming to tighten software security practices across the board.

Most   Popular