MS07-062: Vulnerability in DNS could allow spoofing

Article translations Article translations
Article ID: 941672 - View products that this article applies to.
Expand all | Collapse all

On This Page

INTRODUCTION

Microsoft has released security bulletin MS07-062. This security bulletin contains all the relevant information about the corresponding security update. This information includes file manifest information and deployment options. To view the complete security bulletin, visit the following Microsoft Web site:
http://www.microsoft.com/technet/security/bulletin/ms07-062.mspx
Support is available by contacting your local Microsoft subsidiary. For more information about how to contact your local Microsoft subsidiary for security update support issues, visit the International Support Web site:
http://support.microsoft.com/common/international.aspx
For enterprise customers, support for security updates is available through your usual support contacts.

More information

Known issues with this security update

On a Windows Server 2003-based computer that has security update 941672 installed, you may experience the following issues:
  • A DNS server consumes increasing amounts of memory over time. In extreme cases, the DNS server may consume about 2.8 gigabytes (GB) of memory on an x86-based domain controller that has 4 GB of RAM installed.
  • A DNS server consumes more CPU resources than expected. In extreme cases, CPU usage for the DNS server may reach 100 percent.
  • DNS stops responding after several days of run time. When you restart the operating system on the DNS server or when you restart DNS, DNS functions as expected until a certain threshold of leaked memory is reached again.
  • Computers that have security update 941672 installed become unresponsive to logon requests at the console. Or, they become unresponsive to administration from the local console or from a remote console.
  • Operations that depend on DNS name resolution fail. Such operations include, but are not limited to, the following operations:
    • Logon requests (CTRL+ALT+DEL) from domain members
    • Active Directory directory service replication
    • Mail flow
  • DNS zones do not load, or they take longer than expected to load. Additionally, zone transfer may fail between primary and secondary DNS servers.
  • On DNS servers that have security update 941672 installed, the following event is logged in the event log:

    Event Type: Error
    Event Source: DNS
    Event Category: None
    Event ID: 111
    User: N/A
    Computer: computer name
    Description: The DNS server could not create a thread. System may be out of resources. You might close applications not in use, restart the DNS server or reboot your computer. The event data is the error code. Data: 0000: 08 00 00

    Note The "08 00 00" extended error code may appear as "000008" in the data section of the event.

    For more information, click the following article number to view the article in the Microsoft Knowledge Base:
    946565 On a Windows Server 2003-based computer that has the update from security bulletin MS07-062 installed, you may experience a memory leak in DNS

Properties

Article ID: 941672 - Last Review: July 18, 2012 - Revision: 4.0
Applies to
  • Microsoft Windows Server 2003 Service Pack 2, when used with:
    • Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
    • Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
    • Microsoft Windows Server 2003, Standard Edition (32-bit x86)
    • Microsoft Windows Server 2003, Web Edition
    • Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
    • Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
    • Microsoft Windows Server 2003, Datacenter x64 Edition
    • Microsoft Windows Server 2003, Enterprise x64 Edition
    • Microsoft Windows Server 2003, Standard x64 Edition
  • Microsoft Windows Server 2003 Service Pack 1, when used with:
    • Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
    • Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
    • Microsoft Windows Server 2003, Standard Edition (32-bit x86)
    • Microsoft Windows Server 2003, Web Edition
    • Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
    • Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
  • Microsoft Windows Server 2003 R2 Datacenter Edition (32-Bit x86)
  • Microsoft Windows Server 2003 R2 Datacenter x64 Edition
  • Microsoft Windows Server 2003 R2 Enterprise Edition (32-Bit x86)
  • Microsoft Windows Server 2003 R2 Enterprise x64 Edition
  • Microsoft Windows Server 2003 R2 Standard Edition (32-bit x86)
  • Microsoft Windows Server 2003 R2 Standard x64 Edition
  • Microsoft Windows Server 2003, Datacenter x64 Edition
  • Microsoft Windows Server 2003, Enterprise x64 Edition
  • Microsoft Windows Server 2003, Standard x64 Edition
Keywords: 
kbexpertiseadvanced kbqfe kbsecurity kbsecbulletin kbsecvulnerability kbbug kbfix KB941672

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com