Windows Articles

New Pharming Attack Now Exploitable on Microsoft Windows DNS Servers

New York, NY (PRWEB) November 13, 2007 -- Trusteer announced today that the Microsoft Windows DNS Server is vulnerable to a severe DNS cache poisoning vulnerability which allows immediate execution of pharming attacks on consumers. Attackers could steal users' credentials and execute fraudulent transactions through this particular attack mechanism.

The attack was originally revealed this July when Trusteer's CTO, Amit Klein cracked the popular BIND DNS server's random number generator. Following these discoveries, ISC, the consortium behind BIND, has released a patch for BIND 9 and declared end of life for version 8. It is now made public that the Microsoft Windows DNS Server, which is part of the Windows 2003 server, was cracked around the same time and is still vulnerable to the same attack.

The Domain Name System (DNS) translates domain addresses to IP addresses. It is a service consisting of a large number of DNS servers that store both domain addresses and their associated IP addresses. DNS servers communicate with one another to exchange address information. In order to avoid message spoofing, they base their communication on randomly generated transaction IDs.

A research paper released today by Trusteer's CTO Amit Klein, reveals a method of predicting the transaction ID generated by Microsoft Windows DNS servers. By forecasting such transaction IDs, attackers can forge DNS messages and push bogus IP addresses into the DNS system. As a result, consumers would be directed to fraudulent websites each time they try to access legitimate websites. The fraudulent website can be used to steal user credentials and to execute fraudulent transactions.

"This attack especially concerns online financial organizations and merchants" claims Klein. "Attackers can target large ISP networks and direct all users of a specific bank in that network to a fraudulent website. There is nothing the user or the bank can do to stop this attack."

Recommendations

Trusteer advises ISPs and Enterprises that manage a Microsoft DNS Server in a caching configuration to apply the latest patch released by Microsoft. Existing antivirus and desktop security solutions cannot protect against this type of attacks since DNS cache poisoning does not involve the user's computer or the DNS server but rather the cached data on the DNS server. Trusteer's Rapport, a solution for online banks, brokerages, and retailers, which strongly authenticates the destination website and prevents access to unauthenticated websites, defeats this dangerous attack.

Further Information

The vulnerability was first reported to Microsoft on April 30th 2007.

A fix was released by Microsoft on November 13h 2007

Affected systems: Microsoft Windows DNS Server (part of Windows 2003 and Windows 2000 servers)

Trusteer's research paper is available at: http://www.trusteer.com/docs/microsoftdns.html

About Trusteer

Trusteer is a privately held corporation founded by senior Internet security industry executives with specific expertise in enterprise and consumer desktop security. The firm's flagship product, Rapport, helps online banks, brokerages, and retailers secure the consumer desktop from identity theft and financial fraud attacks such as financial Trojans, keyloggers, pharming, and phishing. Unlike conventional approaches which provide only partial solutions, Trusteer's revolutionary prevention approach protects by controlling the risks involved in numerous client-side threats.

Contact:

Rakesh Loonkar

Trusteer

+1(646)247-5669

# # #

Other Article Sites

findabook.com  moneycd.info  a-mortgage.info   about-lemon-laws.info  aboutstudentloans.info
all-about-publishing.info  auctions-articles.info  bestcollege-university.com  bestispconnection.com
biblefolder.com  blogger-website.com  books-used.info  brokers-guide.info  buywindows.info  cable-dsl.info
career-miner.com  carpel-tunnel.info  cashinaflash.info  cashloanreviews.info  casinobell.com  chat-house.info
clearmycredit.info  collegeloantips.info  crones.info  depression-articles.info   dirnic.net  dishguides.info
divers-below.com  expodog.info   financewizz.com  fire-insurance.info  getgood.info  handleit.net   it-idea.info
health-supplies.info  hosting-right.com  insidealert.com  insurance-facts.info  jobs-employment.info
justgood.info  lookgold.net   lowcost-travel.info  money-source.info  myhostzone.info  numisblog.com
peoplesearchfinder.info  pr-articles.info  realeas.com   refinancing-guides.info  spyware-remove.info
telelot.info  the-law.info   toppaid.info  travel-deals.info  travelcorrect.com  wedding-guide-site.com
your-blog.info  your-credit.info

MORE ARTICLES:

Message Alert for Windows Mobile
We live in the age of information and communication. It means that even if we do not send much, we receive tons of information all the time. And mobile devices made it even worse  now you get e-mail messages, text messages and phone calls at any time and in any place. Switching the mobile device off is not a way out because the challenges of the modern life and especially business require us to stay in touch almost 24/7. The only way to somehow cut down this huge flow of incoming information is to filter it. And there is a great way to do it on our mobile devices. It's called Message Alerts 3.0 from the WebMessenger company.

Windows SharePoint Services : Why Microsoft Windows SharePoint Services?
Windows SharePoint Services is a versatile technology that organizations and business units of all sizes can use to increase the efficiency of business processes and improve team productivity. With tools for collaboration that help people stay connected across organizational and geographic boundaries, Windows SharePoint Services gives people access to information they need.

StormGARD Protected Windows Remain Intact Following Onslaught of Hurricane Ike
Hurricane season threatens both individuals and businesses alike, posing severe physical damage while also inflicting billions of dollars in insurance costs and taxes. With more hurricanes like Gustav and Ike hitting the United States this season, people need an effective and affordable means of avoiding shattering glass and the expensive cleanup that follow events of this magnitude.

SPAMfighter Now Protects Windows Vista and Windows Mail
SPAMfighter has just released a new version of SPAMfighter which will now support Windows Vista and Windows Mail.

GoGrid, the Largest Windows Server Cloud Hosting Provider, Broadens Windows Server 2008 Offering with PHP Stacks
Cloud Infrastructure provider, GoGrid (http://www.gogrid.com), releases several new Windows Server 2008 Cloud Servers complete with IIS 7, ASP.NET, PHP 5 and Microsoft SQL Server 2005 giving .NET developers the only current option to run optimized PHP and ASP.NET applications side-by-side in a Windows Cloud.

New Construction Windows Or Replacement Windows? Which Is Right For You?
Hello, my name is John Rocco.I grew up around the window and door business.

What Is Windows Messenger/Windows Live Messenger?
Microsoft Windows is the most popular operating system used by millions of users across the world The ability to establish network connection between any two computers via internet demands the need for instant messaging system

Home Improvement Windows - Why Windows Make An Excellent Home Improvement Project
If you're a homeowner, one of the best things you can do to increase the value of your house is to invest in home improvement windows. When you replace old windows with new versions that are well insulated and modern, people will instantly notice. It's amazing what new windows can do to make a home more attractive. When you combine your new windows with window treatments like shutters, blinds and curtains you can really transform the appearance of your house. If a person's eyes are the windows to his or her soul, the windows of your house are the...uh...windows to its soul. Whatever, I'm sure you get the point.

Recreate the Windows Explorer UI in Your Windows Forms and WPF Apps with Shell MegaPack.Net v2008 Controls and Components
LogicNP Software, a leading provider of components and controls, today announced the release of Shell MegaPack.Net v2008 for Windows Forms and WPF applications. Shell MegaPack is a set of components and user controls which enable developers to rapidly create a Windows Explorer like file and folder browsing UI in any Windows Forms or WPF application developed in C#, VB.Net or any other language supported by .Net such as Managed C++.

Windows XP Registry Cleaners  Want To Use the Best Windows XP Registry Cleaners
In need of a registry fix? I think I can help. Are you getting the windows blue screen? Wondering why is my computer so slow? Or perhaps software and hardware are not running properly and you are getting some kind of windows error message. Whatever the reason, we all need Windows XP registry cleaners at some point.

AMSCO Windows Launches New Artisan Series Vinyl Windows
The new innovative Artisan? Series vinyl windows feature breakthrough vinyl color technology. The window line has a unique beveled-design with equal sight lines and one of the industry's first new magnetic-action lock.

Windows x: Basic Windows "Security" Issues
Language development computer: Computer-based method for aiding language development seems like an interesting idea, the trick with this would be in getting the computer to take on part of the role of the human in the checking process.In all computer aided learning applications aimed at the very young, there is a danger that the computer may be seen as a replacement for a human instructor, however computer are notorious for not volunteering information or inability to deal with erratic behaviour.

Virginia Windows Contractor Launches Website To Help Homeowners Learn More About Replacement Windows
Prestige Windows and Doors today announced the launch of www.prestigewindowsdoors.com as an information portal for Virginia home owners to find information about maintenance and the exterior of their homes.

DataMind Srl Announces Jade 1.0 Digital Image Processing for Windows XP and Windows Vista
DataMind Srl is delighted to announce that Jade, their highly acclaimed digital image processing application, is now available also on Microsoft Windows platforms. Implementing state-of-the-art algorithms to enhance color, contrast and dynamic range, Jade is an easy-to-use image enhancement and batch processing tool that will automatically improve digital images. Following the success of Jade for Mac OS X and Jade Aperture edit plug-in, Jade is now available for Windows XP and Windows Vista.