=====================================================================
                                    CERT-Renater

                         Information Note No. 2008/VULN124
_____________________________________________________________________

DATE                      : 09/04/2008

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Windows 2000, Windows XP, Windows Vista,
                              Windows Server 2003.

======================================================================

MS08-020  Vulnerability in DNS Client Could Allow Spoofing

This security update resolves a privately reported vulnerability. This
spoofing vulnerability exists in Windows DNS clients and could allow an
attacker to send specially crafted responses to DNS requests, thereby
spoofing or redirecting Internet traffic from legitimate locations.

This is an important security update for Windows Vista and all supported
editions of Microsoft Windows 2000, Windows XP, and Windows Server 2003.

This security update addresses the vulnerability by increasing the
randomness of DNS transaction IDs.

Microsoft recommends that customers apply the update at the earliest
opportunity.

Affected Software
    o Windows Vista
    o Windows Vista x64 Edition
    o Windows Server 2003 Service Pack 2
    o Windows Server 2003 Service Pack 1
    o Windows Server 2003 x64 Edition Service Pack 2
    o Windows Server 2003 x64 Edition
    o Windows Server 2003 with SP2 for Itanium-based Systems
    o Windows Server 2003 with SP1 for Itanium-based Systems
    o Windows XP Service Pack 2
    o Windows XP Professional x64 Edition Service Pack 2
    o Windows XP Professional x64 Edition
    o Microsoft Windows 2000 Service Pack 4

Non-Affected Software
    o Windows Server 2008 (all editions)
    o Windows Vista Service Pack 1 (all editions)

Vulnerability Information
		
DNS Spoofing Attack Vulnerability  CVE-2008-0087

A spoofing vulnerability exists in Windows DNS clients. The vulnerability
could allow an unauthenticated attacker to send malicious responses to DNS
requests made by vulnerable clients, thereby spoofing or redirecting
Internet traffic from legitimate locations.
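
An added example, not part of the Microsoft bulletin or of this CERT-Renater
note: because the fix is described as increasing the randomness of DNS
transaction IDs, the Python check below reads the transaction ID from
successive queries sent by one client (for instance from a packet capture)
and flags simple predictable patterns. The function names, thresholds and
sample queries are constructed for illustration; the note does not say how
the unpatched IDs were generated.

```python
import struct
from collections import Counter


def txid(dns_message: bytes) -> int:
    """Return the 16-bit transaction ID, the first two bytes of the DNS header."""
    if len(dns_message) < 12:  # a DNS header is always 12 bytes long
        raise ValueError("truncated DNS header")
    return struct.unpack("!H", dns_message[:2])[0]


def assess_txids(messages, min_samples=8):
    """Classify the transaction IDs of successive queries from one client."""
    ids = [txid(m) for m in messages]
    if len(ids) < min_samples:
        return "insufficient-data"
    # Differences between consecutive IDs, modulo 2^16 so wrap-around is handled.
    deltas = [(b - a) & 0xFFFF for a, b in zip(ids, ids[1:])]
    step, count = Counter(deltas).most_common(1)[0]
    if count / len(deltas) >= 0.75:  # assumed threshold: one step dominates
        return ("predictable: constant step %d" % step) if step else "predictable: fixed ID"
    if len(set(ids)) <= len(ids) // 2:  # assumed threshold: half the IDs are repeats
        return "suspicious: IDs repeat frequently"
    return "no simple pattern found"


def build_query(tid, name="example.test"):
    """Constructed sample input: a minimal DNS A query with the given ID."""
    header = struct.pack("!HHHHHH", tid, 0x0100, 1, 0, 0, 0)  # RD set, 1 question
    labels = b"".join(bytes([len(p)]) + p.encode() for p in name.split("."))
    return header + labels + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE A, QCLASS IN


# Constructed captures: one client counting upward across the 16-bit wrap,
# and one whose IDs show no arithmetic relationship.
SEQUENTIAL = [build_query((0xFFFC + i) & 0xFFFF) for i in range(10)]
SCATTERED = [build_query(t) for t in (0x3A1F, 0xC402, 0x0B77, 0x91E0, 0x5D29,
                                      0xE6B4, 0x2213, 0x78CD, 0xAF06, 0x14F9)]

if __name__ == "__main__":
    print("sequential client:", assess_txids(SEQUENTIAL))
    print("scattered client: ", assess_txids(SCATTERED))
```

A result of "no simple pattern found" only rules out the patterns tested here;
it is not evidence that the IDs come from a strong random source.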

======================================================================

           =========================================================
           CERT-Renater reference servers
           http://www.urec.fr/securite
           http://www.cru.fr/securite
           http://www.renater.fr
           =========================================================
           + CERT-RENATER          | tel : 01-53-94-20-44          +
           + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
           + 75013 Paris           | email: certsvp@renater.fr     +
           =========================================================




