Microsoft Watch writes "Microsoft downplays a recent DNS vulnerability in all Microsoft operating systems (XP, Vista, 2000 and 2003), claims Amit Klein, the security researcher who published the original vulnerability description earlier this month.
According to Klein, the description in Microsoft's Secure Windows Initiative blog entry is misleading and contains disinformation about the DNS transaction ID algorithm, and downplays the severity of the issue by claiming that there is no way to reproduce the next transaction ID, given a series of observed transaction IDs. Klein, however, shows that this is possible in his paper, as well as on the series of data provided in the SWI blog itself."
This discussion was created for logged-in users only, but now has been archived.
No new comments can be posted.
Microsoft cover-up of recent DNS vulnerability 0 Comments More Login /
Get More Comments