Microsoft is patching a dangerous Windows DNS Server exploit2020-07-14 18:35 by Daniela
Tags: DNS, bug, Microsoft
Microsoft is issuing a patch for a severe and wormable Windows Domain Name System Server vulnerability that could allow attackers to execute arbitrary code against targets and gain control of targets' entire IT infrastructure.
It turns out that the bug is 17 years old. Impacted are Windows Server versions from 2003-2019. The bug, found by researchers at Check Point, received a severity warning of 10 – the highest allowed. Most concerning to researchers however is that the bug is wormable, meaning a single exploit of the flaw can trigger a chain reaction that allows attacks to spread from one computer to another.
The vulnerability would allow hackers to intercept and interfere with users' emails and network traffic, tamper with services, and steal users' credentials, by exploiting Windows' Domain Name System (DNS) Server; DNS is essentially the protocol that translates between website names and their corresponding IP addresses.
"Wormable vulnerabilities have the potential to spread via malware between vulnerable computers without user interaction," explains Mechele Gruhn, a principal security program manager at Microsoft. "Windows DNS Server is a core networking component. While this vulnerability is not currently known to be used in active attacks, it is essential that customers apply Windows updates to address this vulnerability as soon as possible."
This particular security flaw is located in Windows Domain Name System Security Extensions (DNSSEC), which strengthens DNS authentication. Without DNSSEC, it's much easier for a hacker to intercept DNS queries and redirect you to a fake website that might trick you to enter personal information, like your credit card number or social security number, and steal your identity. Small and medium online retail businesses that use Windows DNS could be especially vulnerable to SigRed.
Read more -here-