Major news has been revealed this week that Check Point, an Israeli Security Firm, discovered a vulnerability in Microsoft’s domain name system protocol (DNS). Most alarming is that the bug has existed for roughly 17 years. It is advised that every company take immediate action in patching the vulnerability, which has been termed SigRed. It has the potential to become ‘wormable’ which means it can “spread from one machine to another with no human interaction.”
The SigRed vulnerability in Windows DNS operates with data that is crucial for key exchange in DNSSEC — the secure version of DNS. Cybercriminals can take advantage of the data access and utilize Windows DNS to fully infiltrate a server. Microsoft and Check Point have made it clear in their statements that this bug is “critical, a 10 out of 10 on the common vulnerability scoring system, an industry-standard severity rating.” Virtually all small and medium-sized enterprises in the world use Windows DNS, which elevates the severity and gravity of this discovery.
Here's a statement from Alvaka Senior Systems Architect, Chris Cartwright:
Original article posted on Wired – Hack Brief: Microsoft Warns of 17-Year-Old ‘Wormable’ Bug
Additional information on ZDNet – DHS CISA tells government agencies to patch Windows Server DNS bug within 24h
Cybercriminals can leverage SigRed and transform it into the next WannaCry — a worldwide cyptoworm attack that created havoc in early 2017. We at Alvaka urge our clients, and others that read this blog, to place top-priority in patching their DNS servers. If your IT department struggles to properly implement security patches, our qualified staff can ensure your patches have been applied correctly and on time through our Patchworx solution.