It seems today is the day for big vulnerability discoveries. Following Twitter’s big hack comes news that Microsoft has also discovered a compromise in Windows DNS. If you as part of a big company that runs Windows-based servers, then expect there to be some updates happening behind the scenes that will probably have no direct consequence for you. If you are an actual system administrator though, then the following news is probably more relevant to you a Microsoft has announced the discovery of a new wormable vulnerability in Windows DNS.
The new vulnerability essentially allows attackers to create special malware that remotely executes code on Windows servers and creates malicious DNS queries that could even eventually lead to a company’s infrastructure being breached. Something which is incredibly severe, which is why Microsoft has assigned the highest risk score of 10 on the Common Vulnerability Scoring System (CVSS). As detailed by Mechele Gruhn, a principal security program manager at Microsoft:
Wormable vulnerabilities have the potential to spread via malware between vulnerable computers without user interaction. Windows DNS Server is a core networking component. While this vulnerability is not currently known to be used in active attacks, it is essential that customers apply Windows updates to address this vulnerability as soon as possible
Interestingly, the vulnerability has actually been there for seventeen years. Researchers at Check Point discovered the security flaw in Windows DNS and reported it to Microsoft back in May. If left unpatched, it leaves Windows servers vulnerable to attacks, although Microsoft notes that it hasn’t found evidence that this flaw is being exploited yet.
Microsoft has a patch ready for this and with news of the vulnerability public knowledge, its best to ensure that those servers get their latest round of patching ASAP to ensure the security vulnerability is taken care of. This vulnerably does not affect Windows 10 or any other client version of Windows, which is a good thing because a vulnerability of this nature would be a big risk to security and with many people not keen on patching their Windows, it would likely remain in the open.
Last Updated: July 16, 2020