Checkpoint’s cyber security researchers have discovered SIGRed, a maxi flaw in Windows DNS servers. The vulnerability, CVE-2020-1350, was discovered by Checkpoint and is of the highest threat. Affects versions from 2003 to 2019. Install the patch now!
It is called SIGRed and is a critical vulnerability of the utmost danger, affecting Windows DNS servers. Checkpoint cyber security researchers discovered it. The flaw (CVE-2020-1350, Integer Overflow leading to Heap-Based Buffer Overflow) affects versions of Windows Server from 2003 to 2019 and can be triggered by a malicious DNS response. As the service is running in elevated privileges (SYSTEM), if exploited successfully, an attacker is granted Domain Administrator rights, effectively compromising the entire corporate infrastructure. It is not clear, however, whether the bug can be exploited only by a malicious actor who operates within the target’s LAN or even outside. By the way, in-depth analyzes are underway. Meanwhile, Microsoft released a patch for its fix on July 15th 2020.