Microsoft has released a patch for a critical wormable bug affecting Windows DNS Server, which could allow attackers to seize control of targets' entire IT infrastructure.
According to the company, this remote code execution (RCE) bug, indexed as CVE-2020-1350, affects Windows Server versions 2003 through 2019. It is wormable, meaning that an exploit for the flaw can spread automatically from one vulnerable system to another on the network without requiring any user interaction.
CVE-2020-1350 could enable attackers to intercept users' emails and network traffic, steal users' credentials, and interfere with services by exploiting Windows' Domain Name System (DNS) Server. DNS is the protocol that maps web domain names to their corresponding IP addresses, thereby enabling a connection to the correct server.
"As the service is running in elevated privileges (SYSTEM), if exploited successfully, an attacker is granted Domain Administrator rights, effectively compromising the entire corporate infrastructure," Check Point researchers warned in an online post.
CVE-2020-1350 was discovered in May by Check Point researcher Sagi Tzadik, who named it SIGRed and reported it to Microsoft. According to Tzadik, the bug can be triggered by a malicious DNS response, which could lead to a heap-based buffer overflow.
Microsoft has assigned the vulnerability the highest possible risk score of 10 on CVSS. The bug is said to be existing in Microsoft's code for more than 17 years.
While there are no reports so far of the vulnerability being actively exploited at the moment, Check Point researchers warn that the situation might likely change in coming days.
"If I've understood the article correctly, calling it 'wormable' is actually an understatement," Vesselin Vladimirov Bontchev, a security expert stated on Twitter.
"It's suitable for flash worms a la Slammer, which infected the whole population of vulnerable computers on the Internet in something like 10 minutes flat."
By "unlikely" you mean "attackers are more likely to be motivated by $$$ than fame", right? Because, if I've understood the article correctly, calling it "wormable" is actually an understatement— Vess (@VessOnSecurity) July 14, 2020
Microsoft released the patch for the bug as part of its July Patch Tuesday roundup. The company is now advising Windows server customers to patch the bug as earliest as possible.
Microsoft is also offering a registry-based workaround that does not require restarting the server, but will help protect an affected Windows server.
"Because of the volatility of this vulnerability, administrators may have to implement the workaround before applying the security update in order to enable them to update their systems by using a standard deployment cadence," the company said.
Eighteen of them are listed as 'Critical'
0patch has released a free patch for older Windows machines
Critical security vulnerabilities impacted Bullguard's Antivirus and Secure Browser software, researcher claims
A major issue was found in the protection against malicious websites
Huawei targeted influential Britons to back its role in UK's 5G infrastructure, controversial dossier claims
The 86-page report is commissioned by a US film producer Andrew Duncan
The adware plants itself in the system partition, making it hard to delete