mdlbear ([personal profile] mdlbear) wrote 2020-07-14 03:31 pm

PSA: Patch your Windows DNS server

If you happen to be running a Windows DNS server, I hope you have automatic updates enabled. Today's security update fixes CVE-2020-1350, also known as SigRed: A 17-year-old 'wormable' vulnerability for hijacking Microsoft Windows Server. I think that title kind of says it all, doesn't it? For the record, it's a heap-based buffer overflow that can be triggered by a malicious DNS query, and it's described as "wormable", with a CVSS base score of 10.0. Wormable means that it can propagate itself and spread exponentially to other vulnerable servers.

It's not at all inaccurate to describe this as "COVID-19 for Windows DNS server". Go fix.

Resources

Another fine post from The Computer Curmudgeon (also at computer-curmudgeon.com).
Donation buttons in profile.


[personal profile] madfilkentist 2020-07-14 11:56 pm (UTC)
Thanks for the heads-up. I don't have anything that runs Windows, but it's likely a client will ask me to write this up in the near future, or I can suggest it as a topic. Knowing about it before being asked helps.