MS07-062: Vulnerability in DNS could allow spoofing

Microsoft has released security bulletin MS07-062. This security bulletin contains all the relevant information about the corresponding security update. This information includes file manifest information and deployment options. To view the complete security bulletin, visit the following Microsoft Web site: For home users, no-charge support is available by calling 1-866-PCSAFETY in the United States and Canada or by contacting your local Microsoft subsidiary. For more information about how to contact your local Microsoft subsidiary for security update support issues, visit the International Support Web site: For enterprise customers, support for security updates is available through your usual support contacts.

Known issues with this security update

On a Windows Server 2003-based computer that has security update 941672 installed, you may experience the following issues:

• A DNS server consumes increasing amounts of memory over time. In extreme cases, the DNS server may consume about 2.8 gigabytes (GB) of memory on an x86-based domain controller that has 4 GB of RAM installed.
• A DNS server consumes more CPU resources than expected. In extreme cases, CPU usage for the DNS server may reach 100 percent.
• DNS stops responding after several days of run time. When you restart the operating system on the DNS server or when you restart DNS, DNS functions as expected until a certain threshold of leaked memory is reached again.
• Computers that have security update 941672 installed become unresponsive to logon requests at the console. Or, they become unresponsive to administration from the local console or from a remote console.
• Operations that depend on DNS name resolution fail. Such operations include, but are not limited to, the following operations:
  • Logon requests (CTRL+ALT+DEL) from domain members
  • Active Directory directory service replication
  • Mail flow
• DNS zones do not load, or they take longer than expected to load. Additionally, zone transfer may fail between primary and secondary DNS servers.
• On DNS servers that have security update 941672 installed, the following event is logged in the event log:

  Event Type: Error
  Event Source: DNS
  Event Category: None
  Event ID: 111
  User: N/A
  Computer: computer name
  Description: The DNS server could not create a thread. System may be out of resources. You might close applications not in use, restart the DNS server or reboot your computer. The event data is the error code. Data: 0000: 08 00 00

  Note The "08 00 00" extended error code may appear as "000008" in the data section of the event.
  
  For more information, click the following article number to view the article in the Microsoft Knowledge Base:
  946565� On a Windows Server 2003-based computer that has the update from security bulletin MS07-062 installed, you may experience a memory leak in DNS