Intrusion Prevention

MS.Windows.WINS.Server.Remote.Memory.Corruption

Description

This indicates an attack attempt against a Memory Corruption in WINS Server in Microsoft Windows Server.
The vulnerability is due to the application improper handling of multiple pending sessions with WINS Replication packet. A remote attacker may be able to exploit this to cause a denial of service condition on the affected system.

Affected Products

Windows Server 2008
Windows Server 2012
Windows Server 2016

Impact

Denial of Service: Remote attackers can crash WINS server.

Recommended Actions

Microsoft recommends users using DNS to replace WINS.