WINS Exploit Posted -- Redmond Channel Partner

WINS Exploit Posted

By Scott Bekker
November 29, 2004

Security experts are warning users to lock down unused ports after an exploit surfaced for an unpatched flaw in Microsoft WINS.

"There is some activity with irresponsible released exploits against WINS. As a precaution [until] Microsoft gets a chance to release a patch for it, we can only reiterate the urgent and continued need to make sure you block the unneeded ports in your firewalls (either the XP2 or the corporate firewall)," the SANS Insitute handler on duty wrote in the security training company's daily security diary on Sunday.

Candidate ports for lockdown are port 42, 137-139 and 445, both TCP and UDP.

While it's unclear how big of a threat the vulnerability poses, the existence of exploit code makes the issue worth taking seriously. Microsoft's next Patch Tuesday, the day each month when the company releases all of its security patches, doesn't fall until Dec. 14.

A Microsoft spokesperson said, "Microsoft is currently already working on providing an update to address this vulnerability as part of our normal monthly update process. As soon as this update has reached an appropriate level of quality so that customers may deploy it with confidence, Microsoft will provide the update through Windows Update, either through the monthly release process or as an out-of-band update depending on quality and customer needs."

WINS stands for Windows Internet Naming Service. The service translates NetBIOS names, the easily remembered Windows machine names, to corresponding IP addresses. Microsoft has been phasing the technology out since launching Windows 2000, but the service remains fairly common.

The Microsoft spokesperson noted that WINS is not enabled by default and isn't normally configured on Internet facing servers. The spokesperson said Microsoft has not been made aware of any active exploits or customer impacts so far.

Microsoft has a Knowledge Base article (890710) about the issue at http://support.microsoft.com/kb/890710.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Free Webcast! Learn about Password Management Best Practices

Featured

Microsoft Announces Designer Support for Teams

Microsoft Teams will be receiving new and updated features, including support for its AI-powered Designer tool.
Windows 11 To Get Token Protection, Windows 365 Boot and Windows Autopatch

Windows 11 users are getting new features, which are expected to arrive at latest in July, per a Microsoft announcement this week.
Microsoft Edge Getting Copilot AI, plus Dev and Management Perks

The Microsoft Edge browser is getting lots of enhancements, as announced this week at Microsoft Build.
Microsoft Releases Multiple Products at Build 2023 Event

Multiple Microsoft products reached "general availability" (GA), or commercial release, at the Microsoft Build event for developers ongoing this week.

RCP Update

Email Address*Country*

Please type the letters/numbers you see above.

WINS Exploit Posted

Featured

Microsoft Announces Designer Support for Teams

Windows 11 To Get Token Protection, Windows 365 Boot and Windows Autopatch

Microsoft Edge Getting Copilot AI, plus Dev and Management Perks

Microsoft Releases Multiple Products at Build 2023 Event

2023 Microsoft Conference Calendar: For Partners, IT Pros and Developers

Microsoft Announces Designer Support for Teams

The 'Influencer MSP' Approach to New Products

Microsoft Planning Additional Job Cuts in May

Windows 11 To Get Token Protection, Windows 365 Boot and Windows Autopatch

2023 Microsoft Conference Calendar: For Partners, IT Pros and Developers

Microsoft Announces Designer Support for Teams

The 'Influencer MSP' Approach to New Products

Microsoft Planning Additional Job Cuts in May

Windows 11 To Get Token Protection, Windows 365 Boot and Windows Autopatch

Partner Guides

Partner's Guide to the Windows Server 2008 Deadline

Partner's Guide to Office 365 Security Costs

Partner's Guide to UCaaS

Partner's Guide to Starter Workloads in Azure

Partner's Guide to Microsoft's Fiscal Year 2019

FREE WEBCASTS FROM OUR SPONSORS

Cloud Security 101 for MSPs: How to Safeguard Customer Data in Azure and Microsoft 365

Service Providers: Capture the AWS and Azure BaaS Opportunity

Coffee Talk: Top Email Security Threats in 2023: What Partners Need to Know

Extend Veeam-powered BaaS to Microsoft 365

FREE WHITE PAPERS FROM OUR SPONSORS

10 Keys to Protecting Your Microsoft 365 Data

Expand your Portfolio with BaaS for Public Cloud

The Evolution of Endpoint Detection and Response (EDR) - Datto EDR Buyers Guide

Achieving Ransomware Resiliency with BaaS and DRaaS