Microsoft has re-released a security patch for Internet Security and Acceleration (ISA) Server after a major code revision.
The updated patch, first released on 9 November, is for ISA Server 2000 and Microsoft Proxy Server 2.0. Details can be found here.
Users of Microsoft Small Business Server 2003 Premium Edition and Small Business Server 2000 are also advised to patch since this software uses the ISA code.
The patch is intended to plug a hole that could allow hackers to pretend that their code had been cleared as trusted content.
Microsoft warned that the flaw could be used to allow malicious software to be embedded in web pages that appear legitimate to casual users.
The company has also published a workaround for those unable or unwilling to patch. Microsoft recommends setting the DNS cache size to zero, effectively disabling DNS caching on the affected system.
This would prevent the affected software from using potentially spoofed data from the cache, but may have negative performance impact on DNS resolution.
Ecostress instrument will provide new insights into water usage and plant health on Earth
Chinese cyber espionage group Thrip targeting satellite communications, telecoms and defence companies
Symantec warning over state-sponsored hackers targeting satellite operators' control systems
Letter to House of Commons Treasure Committee explains cause of payments glitch earlier this month
Would you want to live in a world without memes?