Serviceteam IT Security News

Microsoft urges organizations to waste no time in installing updates to fix the vulnerability, which rates a ‘perfect’ 10 on the severity scale

Microsoft has released a patch addressing a vulnerability that has been present in Windows Domain Name System (DNS) Server for no fewer than 17 years. Dubbed SIGRed, this critical Remote Code Execution (RCE) vulnerability affects all Windows Server versions 2003 through 2019 and, if exploited, could be used to compromise a company’s entire IT infrastructure.

Tracked as CVE-2020-1350, the vulnerability was classified as “wormable” and earned the highest possible score of 10.0 on the Common Vulnerability Scoring System (CVSS) severity scale.

“Wormable vulnerabilities have the potential to spread via malware between vulnerable computers without user interaction,” said Mechele Gruhn, a principal security program manager at Microsoft. “While this vulnerability is not currently known to be used in active attacks, it is essential that customers apply Windows updates to address this vulnerability as soon as possible,” she added.

Much the same message was dispatched by the United States Cybersecurity and Infrastructure Security Agency (CISA).

The flaw, which can be triggered by a malicious DNS response, was discovered by Check Point researchers, who reported it to Microsoft in May. According to their detailed write-up, an attacker who can exploit the vulnerability would gain Domain Administrator rights and seize control of the target’s entire IT infrastructure. This could entail accessing and stealing documents and tampering with emails or network traffic. The likelihood of the vulnerability being exploited was deemed high.

SIGRed echoes other wormable vulnerabilities, notably BlueKeep in Remote Desktop Protocol (RDP) as well as the vulnerability in the Server Message Block (SMB) protocol that was exploited by EternalBlue. The patch for the newly identified vulnerability is part of Microsoft’s Patch Tuesday rollout, which fixed a total of 123 security flaws this month, including 18 rated as critical.
