mdlbear | PSA: Patch your Windows DNS server (Reply)

You're viewing

mdlbear's journal
Create a Dreamwidth Account Learn More

Reload page in style: site light

Profile

$mdlbear: blue fractal bear with text "since 2002" (Default)$

mdlbear

steve.savitzky.net

May 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 2025

Active Entries

1: Done Since 2025-04-27
2: Thankful Thursday
3: Done Since 2025-04-20
4: Thankful Thursday
5: Thankful Thursday
6: Done Since 2025-04-06
7: Thankful Thursday
8: Thankful Thursday, 78th birthday edition
9: Thankful Thursday
10: Done Since 2025-03-16

Expand Cut Tags

No cut tags

If you happen to be running a Windows DNS server, I hope you have automatic updates enabled. Today's security update fixes CVE-2020-1350, also known as SigRed: A 17-year-old 'wormable' vulnerability for hijacking Microsoft Windows Server. I think that title kind of says it all, doesn't it? For the record, it's a heap-based buffer overflow that can be triggered by a malicious DNS query, and it's described as "wormable", with a CVSS base score of 10.0. Wormable means that it can propagate itself and spread exponentially to other vulnerable servers.

It's not at all inaccurate to describe this as "COVID-19 for Windows DNS server". Go fix.

Resources

Another fine post from The Computer Curmudgeon (also at computer-curmudgeon.com).
Donation buttons in profile.

Mood: didactic
Location: Somewhere in cyberspace
Crossposts: https://mdlbear.livejournal.com/1731742.html

From:

Anonymous This account has disabled anonymous posting.

OpenID (will be screened if not validated)

Dreamwidth account

If you don't have an account you can create one now.

Subject

HTML doesn't work in the subject.

Formatting type

Message

Captcha Response (paste here)

If you are unable to use this captcha for any reason, please contact us by email at support@dreamwidth.org

Links

Style Credit

Style: Green for EasyRead by rb

Page generated 2025-05-17 07:02 am

Powered by Dreamwidth Studios