Fixlet Site - PatchesforWindows(Japanese)
Current Version: 174	Published: Wed, 18 Apr 2007 16:25:57  GMT
***************************************************************
Title: 935964: Vulnerability in RPC on Windows DNS Server Could Allow Remote Code Execution (Japanese)
Severity: <Unspecified>
Fixlet ID: 93596401
Fixlet Link: http://www.microsoft.com/technet/security/advisory/935964.mspx

Fixlet Description: Microsoft is investigating new public reports of a limited attack exploiting a vulnerability in the Domain Name System (DNS) Server Service in Microsoft Windows 2000 Server and Windows Server 2003. This vulnerability could allow an attacker to run code in the security context of the Domain Name System Server Service, which by default runs as Local SYSTEM. 

Important Note: Deploying this action will restart the local DNS service.  Please schedule this action to occur at a time when a service interruption is acceptable.

Important Note: After implementing this change, remote management and configuration of DNS server functionality using RPC or WMI will be disabled.  Please take extra caution to qualify this change in a test environment prior to use in a production environment.

***************************************************************
Title: 935964: Vulnerability in RPC on Windows DNS Server Could Allow Remote Code Execution - Restore (Japanese)
Severity: <Unspecified>
Fixlet ID: 93596402
Fixlet Link: http://www.microsoft.com/technet/security/advisory/935964.mspx

Fixlet Description: Microsoft is investigating new public reports of a limited attack exploiting a vulnerability in the Domain Name System (DNS) Server Service in Microsoft Windows 2000 Server and Windows Server 2003. This vulnerability could allow an attacker to run code in the security context of the Domain Name System Server Service, which by default runs as Local SYSTEM. The listed computers have run the action in Fixlet Message #93596401 "935964: Vulnerability in RPC on Windows DNS Server Could Allow Remote Code Execution - Restore", and are currently configured to restrict the DNS RPC interface to LPC-only. The action below restores the "RpcProtocol" registry key value to its original value.  If no "RpcProtocol" registry value was defined, the registry value will be deleted. 

Important Note: Deploying this action will restart the local DNS service.  Please schedule this action to occur at a time when a service interruption is acceptable.

Important Note: After implementing this change, the transport mechanisms allowed for the DNS RPC interface will change.  Please take extra caution to qualify this change in a test environment prior to use in a production environment.