The Federal authorities refer to the Windows DNS Server Remote Code Execution Vulnerability code-named CVE-2020-1350. On July 14th, Microsoft issued a security update to address this critical Windows vulnerability together with other 138 other vulnerabilities. Microsoft had previously urgent updates to patch some vulnerabilities out of the blue like some apparently harmless codecs. And let’s not forget that not long ago, NSA already warned about another vulnerability, CVE-2020-0688 that affected Microsoft Exchange servers.
What is CVE-2020-1350 and what does it do?
The CVE-2020-1350 vulnerability is also known as SIGRed and it is a remote code execution that affects Windows Server versions 2003 through 2019. The problem is that this vulnerability received the maximum severity rating of 10 out of 10. The severity rating also comes from the fact that SIGRed is workable. That means that an exploit can extend throughout the network to vulnerable computers automatically, without any human help. And as happens with most vulnerabilities, this is not a new one, it existed for over 17 years and it impacts all Windows Server versions 2003 through 2019. Luckily, Microsoft issued a Registry workaround for this vulnerability but it has to be applied to the vulnerable servers at once.
What are the CISA’s recommendations?
The emergency directive from CISA recommends all agencies to update all endpoint computers running Windows Server within 24 hours (by 2:00 pm EST, Friday, July 17, 2020). The Federal authority also makes a clear statement about the gravity of the potential exploitation of this vulnerability: If you have any thoughts about this, please lay them down in our Comments section below.
Name *
Email *
Commenting as . Not you?
Save information for future comments
Comment
Δ
