Connect with us

National

Microsoft patches critical DNS vulnerability – ACS

Wormable Windows DNS flaw had gone unnoticed for 17 years.

Published

on

Microsoft has patched a major security flaw in Windows DNS server that could be used to execute remote code on machines from outside the network.
The vulnerability had been sitting unnoticed for 17 years until cyber researchers at Checkpoint dove deep into Windows DNS.
Called SIGRed officially CVE-2020-1350 the flaw is a buffer overflow caused by a DNS response containing a signature record larger than 64KB.
While the exploitation can be easily leveraged by malicious actors within a network, …

Click here to view the original article.