Windows dynamic DNS update mechanism


The dynamic DNS update mechanism within the DNS Server service in Microsoft Windows does not properly authenticate clients. This occurs with certain configurations, and can allow remote attackers to change DNS records for a web proxy server and conduct man-in-the-middle (MITM) attacks on web traffic. The can also use this flaw to conduct pharming attacks by poisoning DNS records, and cause a denial of service attack.

Additional Resources

MILW0RM: Advisory 3544