Another Off-Cycle Microsoft Patch Coming -- This Time its DNS...
According to the Dark Reading web site:
Microsoft's Windows 2000 Server Service Pack 4, Windows Server 2003 Service Pack 1, and Microsoft 2003 Service Pack 2 are all at risk of the attack. And according to published reports today, the bug also is found in Longhorn Server.Microsoft says it may issue another off-cycle patch for this one, but in the meantime users should disable remote management over RPC for the DNS server using a registry-key setting; block inbound (and unsolicited) traffic on ports 1024-5000 with IPSec or a firewall; and turn on the advanced TCP/IP filtering options on the server.
The catch: Each of these options could "break" some tools.
The full article is available at: http://www.darkreading.com/document.asp?doc_id=121776&f_src=darkreading_section_296