SIGRed – Resolving Your Way into Domain Admin: Exploiting a 17-Year-old Bug in Windows DNS Servers CVE-2020-1350

Check Point released research today of a discovered vulnerability in Microsoft DNS that affects every server version since Server 2003:

https://msrc-blog.microsoft.com/2020/07/14/july-2020-security-update-cve-2020-1350-vulnerability-in-windows-domain-name-system-dns-server/ 

This vulnerability is a huge deal. It can be launched remotely, by an unauthenticated user, requiring no user intervention on a system that will result in domain administrator privileges. On top of that, the vulnerability is wormable, which means that it can propagate itself to other systems without additional intervention. It is rated a 10 (out of 10) on CVSS, which gives a quantitative measure of the severity of vulnerabilities. 

Organizations should assess the risk and patch Windows servers running DNS services. Everyone should have a strong vulnerability and patch management system to identify and remediate this vulnerability as soon as possible.

Link to story:

SIGRed – Resolving Your Way into Domain Admin: Exploiting a 17 Year-old Bug in Windows DNS Servers

https://research.checkpoint.com/2020/resolving-your-way-into-domain-admin-exploiting-a-17-year-old-bug-in-windows-dns-servers/