Microsoft urges patching severe-impact, wormable server vulnerability
17-year-old DNS flaw requires no user interaction and may be exploited soon. …
Microsoft is urgently advising Windows server customers to patch a vulnerability that allows attackers to take control of entire networks with no user interaction and, from there, rapidly spread from computer to computer.
The vulnerability, dubbed SigRed by the researchers who discovered it, resides in Windows DNS, a component that automatically responds to requests to translate a domain into the IP address computers need to locate it on the Internet. By sending maliciously formed queries, attackers can execute code that gains domain administrator rights and, from there, take control of an entire network. The vulnerability, which doesn’t apply to client versions of Windows, is present in server versions from 2003 to 2019. SigRed is formally tracked as CVE-2020-1350. Microsoft issued a fix as part of this month’s Update Tuesday.
Both Microsoft and the researchers from Check Point, the security firm that discovered the vulnerability, said that it’s wormable, meaning it can spread from computer to computer in a way that’s akin to falling dominoes.