Microsoft Downplaying Recent DNS Vulnerability

Posted by kdawson on Monday April 28, 2008 @02:06PM from the it's-nothing-really dept.

Microsoft Watch writes "Microsoft downplays a recent DNS vulnerability in all Microsoft operating systems (XP, Vista, 2000, and 2003), claims Amit Klein, the security researcher who published the original vulnerability description (PDF) earlier this month. According to Klein, the description in Microsoft's Secure Windows Initiative blog entry is misleading, contains disinformation about the DNS transaction ID algorithm, and downplays the severity of the issue. Klein refutes Microsoft's claim that there is no way to reproduce the next transaction ID, given a series of observed transaction IDs. He shows that this is possible in his paper, which Microsoft had before publishing the SWI post, as well as on the series of data provided in the SWI blog itself."

3 of 93 comments (clear)

Min score:

Reason:

Sort:

anal sex by Anonymous Coward · 2008-04-28 14:07 · Score: -1, Offtopic

it wont do anything but make your dick stink
It's business as usual by bogaboga · 2008-04-28 14:19 · Score: -1, Offtopic

"Microsoft downplays a recent DNS vulnerability in all Microsoft operating systems (XP, Vista, 2000, and 2003), claims Amit Klein, the security researcher who published the original vulnerability description (PDF) earlier this month.
Question is, what would any other company do?
Now, for those Linux zealots, please just get [Desktop] Linux to just work. Doing this will give us a reference point from which to start seriously competing on the desktop. My hope is in the upcoming KDE. Let's wait and see.
Re:la la la la I CAN'T HEAR YOU la la la by springbox · 2008-04-28 15:01 · Score: -1, Offtopic

Bush Administration