Ridiculous. Already there's about 5 patches out for XP SP3 and at least one more to follow in the next two weeks. As always, be sure you read all the "Known issues" and "FAQ's" at this URL, especially in this one which is another patch that's potentially problematic: http://www.microsoft.com/technet/security/bulletin/ms08-037.mspx . Looks like though the known problems with the patch may just be for 2000 Server and 2003 Server. Also the DNS Server part (under "Affected software") is NA for XP.* Personally, this is another one I'm probably not installing: "Mitigating Factors Cryptographic protocols operating above the TCP and IP layers, such as IPsec or SSL/TLS, may prevent an attacker from being able to monitor or interfere with redirected traffic." IPSEC should be on automatic by default (an XP Service), and SSL 2, 3, & TLS 1.0 should be checked under the "Advanced" tab in Internet Options. However, in the 2nd part of the vulnerability, "DNS Cache Poisoning Vulnerability", there are no Mitigating Factors or Workarounds. *But, for it they say: "What systems are primarily at risk from the vulnerability?" "Windows DNS servers are at risk." Which I take it to mean not typical Windows Desktop PC's. Any input welcome. -Clint TITLE: Microsoft Windows DNS Spoofing Vulnerabilities SECUNIA ADVISORY ID: SA30925 VERIFY ADVISORY: http://secunia.com/advisories/30925/ CRITICAL: Moderately critical IMPACT: Spoofing WHERE: From remote OPERATING SYSTEM: Microsoft Windows 2000 Advanced Server http://secunia.com/product/21/ Microsoft Windows 2000 Datacenter Server http://secunia.com/product/1177/ Microsoft Windows 2000 Professional http://secunia.com/product/1/ Microsoft Windows 2000 Server http://secunia.com/product/20/ Microsoft Windows XP Home Edition http://secunia.com/product/16/ Microsoft Windows XP Professional http://secunia.com/product/22/ Microsoft Windows Server 2003 Datacenter Edition http://secunia.com/product/1175/ Microsoft Windows Server 2003 Enterprise Edition http://secunia.com/product/1174/ Microsoft Windows Server 2003 Standard Edition http://secunia.com/product/1173/ Microsoft Windows Server 2003 Web Edition http://secunia.com/product/1176/ Microsoft Windows Server 2008 http://secunia.com/product/18255/ DESCRIPTION: Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to poison the DNS cache. 1) An error in the Windows DNS client and Windows DNS server due to insufficient socket entropy when performing DNS queries can be exploited to poison the DNS cache. 2) An error in the Windows DNS server may cause it to accept records from responses outside of the remote server's authority. This can be exploited via specially crafted responses to DNS requests to poison the DNS cache. SOLUTION: Apply patches. -- DNS Client -- Windows 2000 SP4: http://www.microsoft.com/downloads/details.aspx?familyid=269c219c-9d6b-4b12-b621-c70cd07cdd22 Windows XP SP2/SP3: http://www.microsoft.com/downloads/details.aspx?familyid=ed989a33-7a9e-4423-93a8-b38907467cdf Windows XP Professional x64 Edition (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?familyid=a2b016fa-b108-4e8e-b41b-4ca89002907b Windows Server 2003 SP1/SP2: http://www.microsoft.com/downloads/details.aspx?familyid=4ef5033c-9843-4e0b-bfad-fcaf05d7dab9 Windows Server 2003 x64 Edition (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?familyid=66624a1f-38bf-4af7-936d-3131474ffe1f Windows Server 2003 SP1/SP2 for Itanium-based systems: http://www.microsoft.com/downloads/details.aspx?familyid=facc80da-61d6-49c5-872d-a1980b66ae3e -- DNS Server -- Windows 2000 Server SP4: http://www.microsoft.com/downloads/details.aspx?familyid=332aa92f-a1ad-42a0-87d0-485d2d41335b Windows Server 2003 SP1/SP2: http://www.microsoft.com/downloads/details.aspx?familyid=d1fcb794-e6a5-4c28-b3b3-9cd88f468a42 Windows Server 2003 x64 Edition (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?familyid=040a1ba8-21b0-439e-bf21-1acd1c43b162 Windows Server 2003 SP1/SP2 for Itanium-based systems: http://www.microsoft.com/downloads/details.aspx?familyid=c63e3ee6-6055-4313-b0f1-fec7408886bb Windows Server 2008 for 32-bit Systems: http://www.microsoft.com/downloads/details.aspx?familyid=1fcea8f4-b233-42e1-b913-c4fcae276c7b Windows Server 2008 for x64-based Systems: http://www.microsoft.com/downloads/details.aspx?familyid=afac5bbc-71fa-457b-8b0a-f5902d37bfd0 ORIGINAL ADVISORY: MS08-037 (KB953230): http://www.microsoft.com/technet/security/Bulletin/MS08-037.mspx ========================= The list's FAQ's can be seen by sending an email to PCWorks-request@xxxxxxxxxxxxx with FAQ in the subject line. To unsubscribe, subscribe, set Digest or Vacation to on or off, go to //www.freelists.org/list/pcworks . You can also send an email to PCWorks-request@xxxxxxxxxxxxx with Unsubscribe in the subject line. Your member list settings can be found at //www.freelists.org/cgi-bin/lsg2.cgi/l=pcworks . Once logged in, you have access to numerous other email options. The list archives are located at //www.freelists.org/archives/pcworks/ . All email posted to the list will be placed there in the event anyone needs to look for previous posts.