Tuesday, August 18, 2009

MS09-039 WINS Exploit in the Wild?

The SANS Internet Storm Center (ISC) is noting increased port 42 scans as reported by DShield. TCP 42 is typically used for WINS replication, so it makes sense that if someone is trying to exploit the vulnerabilities associated with MS09-039, they would target this particular port.

ISC also had someone who wished to remain anonymous report that there is an MS09-039 exploit in the wild.

If you have WINS-enabled servers out there and haven't rolled out the patch yet, it sounds like you're running out of time.


No comments:

Post a Comment

Please tell me what you think.