News

Microsoft's DNS Fix Leads to More Problems

The blogosphere is awash with talk about the possible overall weakness of the Domain Name System (DNS) architecture.

The blogosphere is awash with talk about the possible overall weakness of the Domain Name System (DNS) architecture. For its part, Microsoft's released a DNS fix in its patch slate for July, but Redmond seems to have problems just getting it to end users. Moreover, some users of the DNS fix have experienced additional difficulties.

So far, since Microsoft's DNS fix was issued on July 10, there have been two separate problems associated with its installation.

The software giant disclosed last week, in a technical posting on its SBS services blog, that some users experienced interruptions in the Exchange Server services component of application stacks sitting on various Windows operating systems.

"Some customers have reported seeing random problems with services after installing MS08-037," the blog stated. MS08-037 is Microsoft's fix designed to stave off DNS cache exploits. Hackers can use this vulnerability to increase their chances of redirecting an unsuspecting user to a malicious Web site.

The blog indicated that notifications for Active Sync -- Microsoft's solution for synchronizing a mobile device with either a PC or server hardware running Exchange -- were failing. Also, Internet Protocol Security (IPsec) services and Internet Authentication Services (IAS) were failing to start.

Reached early Tuesday for comment, Microsoft would only confirm that this issue is separate from another glitch announced on July 10 -- an interoperability snafu associated with the ZoneAlarm security application made by Check Point Software Technologies. In response to the glitch, Check Point provided updates for all of its ZoneAlarm products.

Tyler Reguly, a security engineer for San Francisco-based nCircle, commented that Microsoft should be more transparent about issues like those outlined in the SBS services blog. Such descriptions went relatively under the radar, and could be considered highly technical, bordering on vague.

"It may take users quite a while to diagnose the problem and then they have to find this specific blog post," he said. "Microsoft should really be doing more to make people aware of the issue. The impact isn't as great as the recent WSUS issue, but this should be handled in the same way that was. It should be given its own KB number and a security advisory should be released, especially given that IPsec is potentially affected."

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.

Featured

  • How To Fix the Hyper-V Read Only Disk Problem

    DOS might seem like a relic now, but sometimes it's the only way to fix a problem that Windows seems ill-equipped to deal with -- like this one.

  • Microsoft Warns IT Pros on Windows Netlogon Fix Coming Next Month

    Microsoft on Thursday issued a reminder to organizations to ensure that their systems are properly patched for a "Critical"-rated Windows Netlogon vulnerability before next month's "update Tuesday" patch distribution arrives.

  • Microsoft Nudging Skype for Business Users to Teams

    Microsoft on Thursday announced some perks and prods for Skype for Business unified communications users, with the aim of moving them to the Microsoft Teams collaboration service instead.

  • How To Improve Windows 10's Sound and Video Quality

    Windows 10 comes with built-in tools that can help users get the most out of their sound and video hardware.

comments powered by Disqus