MS04-039: Vulnerability in ISA Server 2000 and Proxy Server 2.0 could allow Internet content spoofing (888258)
The information in this article applies to:
- Microsoft Internet Security and Acceleration Server 2000 SP2
- Microsoft Internet Security and Acceleration Server 2000 SP1
- Microsoft Windows Small Business Server 2003, Premium Edition
- Microsoft Small Business Server 2000
- Microsoft Proxy Server 2.0 SP1
SUMMARY
Microsoft has released security bulletin MS04-039. This security bulletin contains all the relevant information about the security update, including file manifest information and deployment options. To view the complete security bulletin, visit one of the following Microsoft Web sites:
-
Home users:
-
IT professionals:
If you set the DNS cache size to zero, you effectively disable DNS caching on the affected system. This setting would prevent the affected software from using potentially spoofed data from the cache. The setting may have a negative performance effect on DNS resolution. Apply this setting only on systems that cannot apply the security update as a short-term workaround.
For additional information, click the following article number to view the article in the Microsoft Knowledge Base:
889189
How to work around the ISA Server 2000 and Proxy Server 2.0 DNS cache spoofing vulnerability described in Microsoft Security Bulletin MS04-039
Known issues
For additional information about known issues that may occur when you install this security update, click the following article number to view the article in the Microsoft Knowledge Base:
890097
Multiple failures after you install Microsoft Security Update MS04-039
| Modification Type: | Major | Last Reviewed: | 5/15/2006 |
|---|
| Keywords: | kbQFE kbfix kbBug KbSECVulnerability kbSecurity KbSECBulletin kbHotfixServer KB888258 |
|---|
|