Welcome to the Virus Encyclopedia of Panda Security.
|worm, Trojan or backdoor. It is a group of important vulnerabilities in DNS and WINS Server which allows spoofing.|
DNS (Domain Name System) is a name system that allows to translate from domain to IP address and viceversa, and WINS is required for any environment in which users access resources that have NetBIOS names.
The affected versions are:
- DNS Server on Windows 2000/2003/2008.
- WINS Server on Windows 2000/2003.
If exploited successfully, MS09-008 allows hackers to redirect Internet traffic.
This vulnerability is usually exploited by sending specially crafted queries to a vulnerable DNS server or by registering WPAD or ISATP in the DNS or WINS database and pointing it to an IP address that the malicious user controls.
If you have any of the vulnerable components, it is recommended to download and apply the security patch for this vulnerability. Click here to access the web page for downloading the patch.