Windows vulnerability triggers Homeland Security reaction

Published on July 17, 2020

Key notes

Despite Microsoft being focused on privacy and security improvements, there are still crucial vulnerabilities to be attended to. And the Cybersecurity and Infrastructure Security Agency (CISA) demands that they be patched now!

The Federal authorities refer to the Windows DNS Server Remote Code Execution Vulnerability code-named CVE-2020-1350.

On July 14th, Microsoft issued a security update to address this critical Windows vulnerability together with 138 other vulnerabilities.

Microsoft had previously issued urgent updates out of the blue to patch some vulnerabilities, such as those in some apparently harmless codecs.

And let’s not forget that not long ago, the NSA already warned about another vulnerability, CVE-2020-0688, that affected Microsoft Exchange servers.

What is CVE-2020-1350 and what does it do?

The CVE-2020-1350 vulnerability is also known as SIGRed, and it is a remote code execution vulnerability that affects Windows Server versions 2003 through 2019.

The problem is that this vulnerability received the maximum severity rating of 10 out of 10.

The severity rating also comes from the fact that SIGRed is wormable. That means that an exploit can spread throughout the network to vulnerable computers automatically, without any human help.

And as happens with most vulnerabilities, this is not a new one: it has existed for over 17 years and it impacts all Windows Server versions 2003 through 2019.

Luckily, Microsoft issued a Registry workaround for this vulnerability, but it has to be applied to the vulnerable servers at once.

What are the CISA’s recommendations?

The emergency directive from CISA recommends that all agencies update all endpoint computers running Windows Server within 24 hours (by 2:00 pm EST, Friday, July 17, 2020).

These requirements apply to Windows Servers in any information system, including information systems used or operated by another entity on behalf of an agency, that collects, processes, stores, transmits, disseminates, or otherwise maintains agency information.

The Federal authority also makes a clear statement about the gravity of the potential exploitation of this vulnerability:

CISA has determined that this vulnerability poses unacceptable significant risk to the Federal Civilian Executive Branch and requires an immediate and emergency action. This determination is based on the likelihood of the vulnerability being exploited, the widespread use of the affected software across the Federal enterprise, the high potential for a compromise of agency information systems, and the grave impact of a successful compromise.

Claudiu Andone

Windows Troubleshooting Expert

Oldtimer in the tech and science press, Claudiu is focused on whatever comes new from Microsoft.

His abrupt interest in computers started when he saw the first Home Computer as a kid. However, his passion for Windows and everything related became obvious when he became a sys admin in a computer science high school.

With 14 years of experience in writing about everything there is to know about science and technology, Claudiu also likes rock music, chilling in the garden, and Star Wars. May the force be with you, always!
