Hackers Hunt Down Unpatched Microsoft Servers

Hackers are stepping up attacks on Microsoft servers, including Windows Server 2003, in order to exploit a recently patched WINS security bug.

January 4, 2005

1 Min Read
Network Computing logo

A vulnerability within Microsoft's WINS (Windows Internet Naming Service), a component of popular server software such as Windows Server 2003, has been heavily exploited since the last day of 2004, several security organizations reported Tuesday.

Although the vulnerability was patched in mid-December by Microsoft, the Internet Storm Center and the Research and Education Networking Information Sharing and Analysis Center (REN-ISAC) at the Indiana University have seen a drastic increase in the number of probes directed at WINS services (TCP and UDP ports 42).

"Patching these systems is now overdue," said the SAN Institute's Internet Storm Center in an online alert.

"Additionally, WINS services probably should not cross your border router...so block these ports and keep the rif-raf out in case your local Windows Server Admins have not patched for this," the Center continued.

The patch for the WINS issue can be found on Microsoft's Web site.

Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like

More Insights