A major vulnerability has been discovered within Microsoft DNS Server which affects all versions of Microsoft Windows Server including the most recent release.
Any business that runs Microsoft Active Directory services to manage security within their organisation are at risk – DNS is a foundation component of Active Directory.
Details of the vulnerability can be found at:
and…
https://msrc-blog.microsoft.com/2020/07/14/july-2020-security-update-cve-2020-1350-vulnerability-in-windows-domain-name-system-dns-server/The vulnerability was discovered by cyber-security specialists Check Point and a temporary fix has been released by Microsoft to provide protection – details of the fix can be found here:
PLEASE NOTE – just because your DNS servers are not publicly accessible does not mean you are not at serious risk. Askaris has seen evidence of companies choosing not to apply the critical patch to mitigate against this threat due to their DNS servers not being connected to the Internet. We would strongly recommend that this patch is applied to ALL Microsoft DNS servers regardless of their accessibility from the Internet. It is widely accepted that 80% of cyber threat comes from within an organisation, so it is very important to ensure internal servers are patched to protect yourselves from the threat from within.
Our Check Point customers are already protected from external threats through their latest IPS update released this evening (635204672), but still be vigilant – gateway protection is not the whole story with this exploit.