We carried out a report last week about how the Microsoft Windows Servers were under attack due to a vulnerability that has existed from quite some time now. Also, Microsoft acknowledged that this was a severe vulnerability and that it was given a severity rating of 10/10. This should tell you a thing or two about how dangerous the company thinks this problem is. The good news, however, is that the bug has now been fixed meaning that Microsoft Windows Servers on the latest update are safe without this problem affecting them.
The problem, however, is that most of the Microsoft Windows Servers might still be running an older version which does not have the patch to this bug meaning they are still vulnerable. This is also the reason why experts are saying that Microsoft Windows Server owners need to patch their systems as soon as possible. Talking about how and where this bug affects your system, cyber experts reveal that it targets the “Microsoft Windows DNS, the domain name system service on Windows operating systems, and Server software”.
Also, we have a new name for this vulnerability which is called as “SigRed” and no we don’t know why this name has been given. However, what we do know is that this vulnerability is “able to jump across vulnerable machines without any user interaction, potentially compromising an entire organization’s network of PCs in the process”
The team doing research on this vulnerability says that “a hacker [can] craft malicious DNS queries to Windows DNS servers, and achieve arbitrary code execution that could lead to the breach of the entire infrastructure,” Furthermore, Check Point reveals that “If triggered by a malicious DNS query, it triggers a heap-based buffer overflow, enabling the hacker to take control of the server and making it possible for them to intercept and manipulate users’ emails and network traffic, make services unavailable, harvest users’ credentials and more,”