Microsoft warns of ‘wormable’ vulnerability in Windows DNS Server
Windows DNS Server contains a seventeen-year-old critical vulnerability that is classified as wormable and has the highest possible risk score. Administrators should update Windows Server systems as soon as possible.
Microsoft reports that it is a remote code execution vulnerability present in Windows Server versions 2003 through 2019. The problem is caused by a bug in Microsoft’s DNS server role implementation.
According to Microsoft, the vulnerability is wormable. That is, it is possible to spread malware between systems without requiring any user interaction. As far as is known, the vulnerability has not yet been used in attacks.
The vulnerability is designated CVE-2020-1350 and has a CVSS score of 10.0, the highest score that can be assigned to a vulnerability under the Common Vulnerability Scoring System. Microsoft has released updates for all versions of Windows Server, and there are instructions for a workaround if a quick update is not possible.
Security researchers at Check Point discovered the vulnerability. The researchers call the vulnerability SigRed and have published a detailed description. The vulnerability was reported to Microsoft in May, and the findings have now been published jointly.