14 DAY TRIAL // After the March Microsoft security update sabbatical, April has proved to be a harsh month for the Redmond Company. At the beginning of the month Microsoft made available an out of cycle release for the Windows Animated Cursor Handling vulnerability followed by the company's monthly patch cycle on April 10. And now, Christopher Budd, Security Program Manager with the Microsoft Security Response Center revealed that Microsoft is laboring on no less than 133 security patches designed to address the vulnerability in RPC on Windows DNS Server.
"For this issue, our teams are working on developing and testing 133 separate updates: one in every language for every currently supported version of Windows servers. Each of these has to be tested to ensure they effectively protect against the vulnerability. Because DNS is a critical part of the networking infrastructure, they also have to be tested to ensure that changes introduced by the updates don't pose a greater risk than the security issue we're addressing. We again encourage customers to deploy the workarounds discussed in the security advisory. These are effective against the attacks we've seen so far," Budd advised.
Budd additionally revealed that according to Microsoft's ongoing monitoring of the situation attacks are still not widespread. The Redmond Company set in motion its MSRA partners to ensure added protection for customers and also updated Windows Live Safety Scanner and Windows Live One Care.
Although Microsoft claims that attacks are still limited, Symantec, McAfee and Sophos have all warned of the fact that botnet operators are actively exploiting the DNS vulnerability. Security developer Sophos has in fact joined the ranks of Symantec and McAfee that have issued warnings since yesterday, in informing the public that the W32/Delbot-AI worm (also known as Nirbot or Rinbot) is actively exploiting the DNS vulnerability.
"This flaw in Microsoft's code has only been known about for a handful of days, and already there is a worm which is taking advantage of the problem in its attempt to infect as many PCs as possible. Time and time again hackers are forcing companies like Microsoft to scrabble around to develop, test and roll-out a software patch," said Graham Cluley, senior technology consultant for Sophos. "Businesses should ensure that their computers are properly configured, and protected with up-to-date anti-virus software, hardened firewalls and patches."
Budd stated that Microsoft was not prepared in giving an official estimate on when all the 133 security updates for the DNS vulnerability will be made available but he did point to May 8 as a possible release date.