Wednesday, August 19, 2009

Windows WINS server attack coming from China

Yesterday, John Fontana reported that the vulnerability in the WINS service on Windows server was being exploited, and now researchers have found that the attacks are coming from China, despite some troubles with the undersea cables linking China to other parts of the world.

Attacks on the WINS service vulnerability in Windows Server are coming from China, but so far are not widespread, according to the Internet Storm Center.

The ISC, which is run by the SANS Institute, says they have only been able to collect limited information on the attacks, but confirmed that they are coming from IP addresses inside China.

The WINS service vulnerability was revealed last week when Microsoft issued patch MS09-039 as part of its regular Patch Tuesday release cycle

The vulnerability was rated as "critical."

Bojan Zdrnja, who is the current Handler on duty at the ISC, said in an email response that the ISC has received "several confirmations that the attacks appear to be real, and targeted against WINS servers that have not been patched with the MS09-039 patch."

He said ISC data shows that there is scanning going on, but so far there is no evidence of a widespread attack.

No comments:

Post a Comment