Microsoft reports in its “Security Response Center” that it is a “critical” vulnerability in the Windows DNS servers that enables attackers to inject and execute foreign code onto the systems (Remote Code Execution, RCE). In addition, the vulnerability is “wormable,” warns the software company. This means that an already infected system can become the starting point for automated attacks on other computers via malware without user intervention.
Photo series with 30 pictures
–
Almost all computers are affected
This enables attackers to take control of entire IT systems and take over computer networks and paralyze them or misuse them, for example, for espionage purposes. In 2017, about 300,000 devices in hundreds of countries worldwide were paralyzed by extortion Trojans, which also exploited a vulnerable vulnerability called “WannaCry”.
The current problem affects all versions of Windows 10. Given that Windows 10 is the most widely used operating system in the world and is also used in most companies and government agencies, the threat situation is serious. Also Microsoft the vulnerability is therefore rated with the highest possible risk level 10.0 on the scale of the “Common Vulnerability Scoring System” (CVSS).
Now import Windows update
According to the software company, the vulnerability is not yet being actively exploited. Users should install the necessary patches as soon as possible to prevent attackers from exploiting the vulnerability.
Learn how to run Windows updates manually here.
Microsoft had only earlier this month released an unscheduled emergency update, which has been used to correct two other serious errors. However, these only affected certain Windows systems. However, such incidents show how important it is to import updates promptly. It is best to use the Windows 10 auto-update function. More about this here.
Attacks from the Internet are increasing in the Corona crisis
Windows DNS Server is an essential network component for Internet use. DNS stands for Domain Name System and describes the protocol that translates the names of websites into their associated IP addresses. But the way in which Windows DNS servers process these requests and answers is flawed and can be misused for attacks, as a security researcher from Check Point found out.
The company christened the Windows 10 vulnerability SigRed and, according to its own statements, alerted Microsoft about the danger in May. Check Point claims that the cause of the problem has been hidden in the operating system code for 17 years. In a blog post, the company warns of a new “cyber pandemic”.
Experts warn that government agencies and companies that provide critical infrastructure – such as energy sources and telecommunications companies – could become the focus of hackers as a result of the vulnerability becoming known. In the Corona-Krise hacker groups have already expanded their attacks on corporate and administrative networks. Since many people are currently working from home, the risk of attacks from the Internet is particularly high.
–
Related
