MS WINS server vulnerability

I received this email from a friend of mine at Microsoft.


Microsoft is investigating reports of a security issue with Microsoft Windows Internet Name Service (WINS). This security issue affects Microsoft Windows NT 4.0 Server, Microsoft Windows NT Server 4.0 Terminal Server Edition, Windows 2000 Server, and Windows Server 2003. Windows 2000 Professional, Windows XP and Windows Millennium Edition (ME) are not affected by this vulnerability. Also, by default, WINS is not installed on any versions of Microsoft Windows.

This security issue could make it possible for an attacker to take control of a WINS server remotely. As of November 26, 2004, Microsoft is not aware of this security issue affecting any customers.

Microsoft has posted a Microsoft Knowledge Base article, 890710, that contains this information.

The Knowledge Base article is available here:
http://support.microsoft.com/kb/890710

People still use WINS?

Quote:

---

Originally posted here by chsh
People still use WINS?

---

Yes, WINS is still very much alive.
It still has great value with things like cross router authentication to NT 4 style domain controllers for older windows and DOS clients.

The US military is but one example of many large organizations still using such dated technology.

As far as simple network information services go, WINS worked pretty well for me over the years even tho it earned a bad rep.