域名行业新闻 域名应用/周边 抢注/争议报道 成功交易报道 拍卖叫价新闻 域名时事评析 域名商家动态 域名人物档案
返回首页

Microsoft Issues Domain-Related Security Alert

时间:2007-12-06 03:41   来源:Internet News   作者:Andy Patrizio
Microsoft on Monday issued a warning concerning a vulnerability in how Windows resolves hostnames, and is offering steps for systems administrators to work around the problem until a fix is issued. The issue affects hostnames that do not include a f

Microsoft on Monday issued a warning concerning a vulnerability in how Windows resolves hostnames, and is offering steps for systems administrators to work around the problem until a fix is issued.

The issue affects hostnames that do not include a fully qualified domain name (FQDN). A fully qualified domain name is a domain name that specifies the node's position in the DNS tree hierarchy and is often used for sub sections of domains or for functions. A fully qualified domain is distinguishable by a period after the top-level extension, like ".com."

This means third-level domains or deeper are vulnerable, such as mail.domainname.com or us.dbase.domainname.com. There are, however, mitigating factors, as detailed on the Microsoft Security Research Center alert page.

Microsoft has also issued several suggested workarounds until a patch is issued. These include creating a Proxy Auto-Configuration file, disabling Automatically Detect Settings in Internet Explorer, disabling DNS devolution and configuring a domain suffix search list.

Microsoft has not received any reports of customers being impacted by the vulnerability. It said it will decide what steps to take upon completion of its investigation. This could include issuing an out-of-cycle security update or simply waiting until Patch Tuesday, depending on customer needs. The next Patch Tuesday will be December 11.

责任编辑:米尊 

顶一下
(0)
0%
踩一下
(0)
0%
------分隔线----------------------------
相关内容关键词:Microsoft,


推荐内容
  • Domain name disputes

    Disputes involving domain names happen everyday, including ones involving .vn dom...

赞助商广告