Microsoft patches critical wormable SigRed bug in Windows DNS Server

silversurfer

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,172
Content source
https://www.bleepingcomputer.com/news/security/microsoft-patches-critical-wormable-sigred-bug-in-windows-dns-server/
A critical vulnerability that’s been sitting in Microsoft’s Windows DNS Server for almost two decades could be exploited to gain Domain Administrator privileges and compromise the entire corporate infrastructure behind it.

The vulnerability received the tracking identifier CVE-2020-1350 and the name SigRed. It is a remote code execution that affects Windows Server versions 2003 through 2019 and received the maximum severity rating, 10 out of 10.

It is wormable, meaning that an exploit can propagate automatically to vulnerable machines on the network with no user interaction. This characteristic puts it in the same risk category as EternalBlue in Server Message Block (SMB) and BlueKeep in the Remote Desktop Protocol (RDP).
Click to expand...
 
  • Like
  • +Reputation
  • Wow
Reactions: plat, Gandalf_The_Grey, SeriousHoax and 8 others
silversurfer

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,172
www.bleepingcomputer.com

Federal agencies told to patch wormable Windows DNS bug in 24 hours

The Cybersecurity and Infrastructure Security Agency (CISA) today asked all U.S. federal executive branch departments and agencies to mitigate the critical SIGRed Windows DNS Server wormable remote code execution (RCE) vulnerability within 24 hours.
www.bleepingcomputer.com www.bleepingcomputer.com
"CISA has determined that this vulnerability poses unacceptable significant risk to the federal Civilian Executive Branch and requires an immediate and emergency action," the agency said in an emergency directive issued today.

"This determination is based on the likelihood of the vulnerability being exploited, the widespread use of the affected software across the Federal enterprise, the high potential for a compromise of agency information systems, and the grave impact of a successful compromise."

CISA's emergency directive requires agencies to update all endpoints running Windows Server operating systems within 24 hours (by 2:00 pm EST, Friday, July 17, 2020).
Click to expand...
 
  • Like
  • +Reputation
Reactions: CyberTech, plat, harlan4096 and 2 others
silversurfer

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,172
www.bleepingcomputer.com

Critical SIGred Windows DNS bug gets micropatch after PoCs released

The critical remote code execution security vulnerability in Windows DNS known as SIGRed has received a micropatch for servers without an Extended Security Updates (ESU) license.
www.bleepingcomputer.com www.bleepingcomputer.com
blog.0patch.com

Micropatch Available for "SIGRed", the Wormable Remote Code Execution in Windows DNS Server (CVE-2020-1350)

by Mitja Kolsek, the 0patch Team This month's Patch Tuesday included a fix for CVE-2020-1350, a critical memory corruption vuln...
blog.0patch.com blog.0patch.com
 
  • Like
  • +Reputation
Reactions: upnorth, Gandalf_The_Grey and harlan4096
You must log in or register to reply here.

Similar threads

CyberTech
    • +Reputation
    • Like
Atlassian warns of exploit for Confluence data wiping bug, get patching
Replies
0
Views
642
News Archive
CyberTech
CyberTech
Bot
Security News Fortra Patches Critical RCE Vulnerability in FileCatalyst Transfer Tool
Replies
0
Views
455
Security News
Bot
Bot
CyberTech
    • +Reputation
Security News Veeam warns of critical bugs in Veeam ONE monitoring platform
Replies
0
Views
1,079
Security News
CyberTech
CyberTech

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top