Security researchers from Check Point Software Technologies have discovered a 17-year old bug in Windows Server that could allow a malicious actor to gain Domain Admin rights to the system. The vulnerability, known as SIGRed, uses a malicious DNS response against servers running Windows DNS services to trigger a buffer overflow.
The bug, tracked as CVE-2020-1350, has been awarded a critical CVSS severity score of 10.0.
Microsoft has released patches to resolve this wormable vulnerability, but servers running Windows Server 2008 may only be patched if Extended Support Updates (ESU) are enabled. A workaround is available for Windows Server 2008 systems not covered under ESU.
We are currently taking steps to mitigate this vulnerability on all internal systems and customer platforms using our Managed Patching service. If you have any questions or concerns, feel free to contact firstname.lastname@example.org.