Researchers at Check Point have discovered a vulnerability in the DNS server service in Windows, which can be used by criminals to gain control over the company’s information system. This is stated in the press release received by "Newspaper.EN".
Through this vulnerability, hackers can create malicious DNS queries to the DNS server of Windows and carry out the execution of arbitrary code, which in turn leads to disruption of the entire it infrastructure. A critical vulnerability, dubbed Signed, affects versions of Windows from 2003 to 2019.
Specialists Check Point Research told Microsoft about vulnerabilities found may 19, 2020. The company acknowledged the security flaw and quickly developed a patch (CVE-2020-1350). Microsoft assigned the vulnerability the maximum risk level (CVSS:10.0). The vulnerability Signed is that a single exploit can start a chain reaction. The result is that one compromised device can become the distributor of the malware throughout your organization’s network within a few minutes after the first exploit.
"disruption of the DNS servers is a very serious problem. The use of server vulnerability allows hackers to gain access to all company confidential data. Vulnerabilities of this type are not many, however, their presence exposes any company that uses Windows Server, serious risk of compromising the entire corporate network. The vulnerability exists in code Signed with Microsoft for over 17 years. If we find it, we can assume that somebody else also knows about its existence" said OMRI Herscovici, head of the research group Check Point.
