On a Windows Server 2003-based computer that has the update from security bulletin MS07-062 installed, you may experience the following symptoms:
•
A DNS server consumes increasing amounts of memory over time. In extreme cases, the DNS server may consume about 2.8 gigabytes (GB) of memory on an x86-based domain controller that has 4 GB of RAM installed.
•
A DNS server consumes more CPU resources than expected. In extreme cases, CPU utilization for the DNS server may reach 100 percent.
•
DNS stops responding after several days of run time. By restarting the operating system on the DNS server, or by restarting DNS, you enable DNS to function as expected until a certain threshold of leaked memory is reached again.
•
Computers that have the update from security bulletin MS07-062 installed become unresponsive to logon requests at the console. Or, they become unresponsive to administration from the local console or from a remote console.
•
Operations that depend on DNS name resolution fail. Such operations include, but are not limited to, logon requests (CTRL+ALT+DEL) from domain members, Active Directory replication, and mail flow.
•
DNS zones do not load, or they take longer than expected to load. Additionally, zone transfer may fail between primary and secondary DNS servers.
•
The following DNS event (111) is logged in the event log of DNS servers that have the update from MS07-062 installed:
Event Type: Error Event Source: DNS
Event Category: None Event ID: 111 User: N/A Computer: <computer name> Description:
The DNS server could not create a thread. System may be out of resources. You might close applications not in use, restart the DNS server or reboot your computer. The event data is the error code. Data:
0000: 08 00 00
Note The "08 00 00" extended error may appear as "000008" in the data section of the event.
A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing this specific problem. This hotfix might receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next software update that contains this hotfix.
If the hotfix is available for download, there is a "Hotfix download available" section at the top of this Knowledge Base article. If this section does not appear, contact Microsoft Customer Service and Support to obtain the hotfix.
Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft Web site:
Note The "Hotfix download available" form displays the languages for which the hotfix is available. If you do not see your language, it is because a hotfix is not available for that language.
Prerequisites
To apply this hotfix, you must be running Windows Server 2003 with Service Pack 1 (SP1) or Windows Server 2003 with Service Pack 2 (SP2).
Restart requirement
You must restart the computer after you apply this hotfix.
Hotfix replacement information
This hotfix does not replace any other hotfixes.
File information
The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.
Windows Server 2003 with SP1, x86-based versions
File name
File version
File size
Date
Time
Platform
SP requirement
Dns.exe
5.2.3790.3112
445,952
27-Mar-2008
09:49
x86
SP1
W03a2409.dll
5.2.3790.3090
29,696
14-Feb-2008
09:41
x86
SP1
Windows Server 2003 with SP2, x86-based versions
File name
File version
File size
Date
Time
Platform
Dns.exe
5.2.3790.4262
445,952
27-Mar-2008
10:03
x86
Windows Server 2003 with SP1, Itanium-based versions
File name
File version
File size
Date
Time
Platform
SP requirement
Service branch
Dns.exe
5.2.3790.3112
1,134,080
28-Mar-2008
02:27
IA-64
SP1
Not Applicable
W03a2409.dll
5.2.3790.3090
28,672
28-Mar-2008
02:27
IA-64
SP1
Not Applicable
Wdns.exe
5.2.3790.3112
445,952
28-Mar-2008
02:27
x86
SP1
WOW
Ww03a2409.dll
5.2.3790.3090
29,696
28-Mar-2008
02:27
x86
SP1
WOW
Windows Server 2003 with SP2, Itanium-based versions
For more information, click the following article number to view the article in the Microsoft Knowledge Base:
941672 (http://support.microsoft.com/kb/941672/)
MS07-062: Vulnerability in DNS could allow spoofing
For more information about the standard terminology that is used to describe Microsoft software updates, click the following article number to view the article in the Microsoft Knowledge Base:
824684 (http://support.microsoft.com/kb/824684/)
Description of the standard terminology that is used to describe Microsoft software updates
Need More Help? Contact a Support professional by Email, Online or Phone.
Customer Service For non-technical assistance with product purchases, subscriptions, online services, events, training courses, corporate sales, piracy issues, and more.
Newsgroups Pose a question to other users. Discussion groups and Forums about specific Microsoft products, technologies, and services.
Back to the top
