BlueLane Releases Threat Filter Update for Unpatched DNS Zero-Day
BlueLane -- a company whose products I've praised a few times before -- has released a signature update for their Internet threat filtering products. This update will protect networks against the still-unpatched Microsoft DNS zero-day vulnerabilty currently gaining some attention in the press.
If you lack a threat filter like the BlueLane product, you are currently in a "wait and pray" mode until Microsoft releases their patch. Conversely, implementation of one can be an excellent secondary mechanism in protecting your internal network from external exploit.
According to BlueLane's press release...
PatchPoint® Update #175 – April 13, 2007
Blue Lane has released a PatchPoint System update via the Blue Lane PatchPoint Update service. Each PatchPoint update is comprehensive; that is, all system components are updated. If you fall behind in installing PatchPoint updates, the most current update covers all previous updates. The inline patch update in this release may also feature ongoing PatchPoint system improvements, including performance and state machine enhancements.
Blue Lane Inline Patch Additions
Microsoft — Addresses an unpatched vulnerability in RPC on Windows DNS Server affecting various versions of Microsoft Windows.
Microsoft BL-9999969 (No Vendor Patch Available)
A buffer overflow vulnerability has been reported in the Microsoft Domain Name System (DNS) Server Service. An attacker who successfully exploits this vulnerability could run arbitrary code and take over the system (CVE-2007-1748). No vendor patch is available yet.