Microsoft Windows DNS Client Service Response Spoofing Vulnerability

info
discussion
exploit
solution
references

Microsoft Windows DNS Client Service Response Spoofing Vulnerability

Microsoft Windows operating systems are prone to a vulnerability that lets attackers spoof DNS clients. This issue occurs because the software fails to employ properly secure random numbers when creating DNS transaction IDs.

Successfully exploiting this issue allows remote attackers to spoof DNS replies, allowing them to redirect network traffic and to launch man-in-the-middle attacks.