News

Microsoft's DNS Fix Leads to More Problems

The blogosphere is awash with talk about the possible overall weakness of the Domain Name System (DNS) architecture.

The blogosphere is awash with talk about the possible overall weakness of the Domain Name System (DNS) architecture. For its part, Microsoft's released a DNS fix in its patch slate for July, but Redmond seems to have problems just getting it to end users. Moreover, some users of the DNS fix have experienced additional difficulties.

So far, since Microsoft's DNS fix was issued on July 10, there have been two separate problems associated with its installation.

The software giant disclosed last week, in a technical posting on its SBS services blog, that some users experienced interruptions in the Exchange Server services component of application stacks sitting on various Windows operating systems.

"Some customers have reported seeing random problems with services after installing MS08-037," the blog stated. MS08-037 is Microsoft's fix designed to stave off DNS cache exploits. Hackers can use this vulnerability to increase their chances of redirecting an unsuspecting user to a malicious Web site.

The blog indicated that notifications for Active Sync -- Microsoft's solution for synchronizing a mobile device with either a PC or server hardware running Exchange -- were failing. Also, Internet Protocol Security (IPsec) services and Internet Authentication Services (IAS) were failing to start.

Reached early Tuesday for comment, Microsoft would only confirm that this issue is separate from another glitch announced on July 10 -- an interoperability snafu associated with the ZoneAlarm security application made by Check Point Software Technologies. In response to the glitch, Check Point provided updates for all of its ZoneAlarm products.

Tyler Reguly, a security engineer for San Francisco-based nCircle, commented that Microsoft should be more transparent about issues like those outlined in the SBS services blog. Such descriptions went relatively under the radar, and could be considered highly technical, bordering on vague.

"It may take users quite a while to diagnose the problem and then they have to find this specific blog post," he said. "Microsoft should really be doing more to make people aware of the issue. The impact isn't as great as the recent WSUS issue, but this should be handled in the same way that was. It should be given its own KB number and a security advisory should be released, especially given that IPsec is potentially affected."

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.

Featured

  • The 2020 Microsoft Product Roadmap

    From the next major update to Windows 10 to the next generations of .NET and PowerShell, here's what's on tap from Microsoft this year.

  • 2020 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss. (Now updated with COVID-19-related event changes.)

  • Microsoft Closing Most of Its Retail Stores

    Microsoft on Friday announced a major shift in its retail operations, with plans to close most of its physical Microsoft Store outlets in favor of online sales.

  • Matrix

    Microsoft, Harvard Describe Joint Privacy Initiative

    To facilitate data sharing while still preserving data privacy, Microsoft and Harvard have embarked on a set of open source tool called the "OpenDP Initiative."

RCP Update

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.