Security researchers have discovered a serious flaw in Windows’ Domain Name System software that users must patch immediately. Sagi Tzaik from Check Point found a way to run malicious code which can be used to hijack websites, intercept emails, steal private information and take sites offline. Microsoft has already acknowledged the issue and has issued a fix in today’s Patch Tuesday update, which it urges all users to download immediately.
The vulnerability has been codenamed SigRed and Check Point says it affects Windows Server versions from 2003 to 2019. Microsoft said that the flaw is “wormable,” enabling hackers to take over multiple machines at once and causing large amounts of damage. That’s especially a risk for big corporate customers that run their own platforms, especially since the exploit is fairly easy to take advantage of.
Check Point’s Omri Herscovici said in a statement that a “DNS server breach is a very serious thing,” since it “puts the attacker just one inch away from breathing the entire organization.” Herscovici added that the fact that the exploit was in the wild for “more than 17 years” means that it’s likely that other attackers may have found, and have taken advantage, of the issue.
This article was written by Daniel Cooper. For more content: https://www.engadget.com/check-point-sigred-microsoft-dns-exploit-200027095.html
