PROTECT YOUR NETWORK FROM THIS WINS FLAW
Many organizations rely on the Windows Internet Naming Service (WINS)
to help manage complex Windows environments. WINS manages the association
of workstation names and locations with IP addresses, so the administrator
doesn't need to make each configuration change.
Earlier this month, Microsoft confirmed previously released information
that this service includes a buffer overrun flaw that can leave Windows
servers -- all versions, including Windows NT -- open to attack. In
order for the attack to be successful, the WINS service needs to be
Rated moderately critical, the flaw would potentially allow an attacker
to take control of a server and run code of his or her choice. While
Microsoft has not yet released a fix, it has suggested a workaround.
Until Microsoft can provide a fix for the flaw -- expected in the
company's December security update--it recommends that users who don't
use WINS disable this service. If you do use WINS, disable both TCP
port 42 and UDP port 42 at the perimeter firewall.
For more information about this issue, check out Microsoft Knowledge
Base article 890710.