Microsoft and Check Point Warn of a ‘Wormable’ 17-Year-Old Bug Found in Windows DNS

Laptop with virus infecting other laptops

The vulnerability, found by Israeli Security Firm Check Point, resides in Microsoft’s domain name system protocol (DNS). The bug handles data used for key exchange in DNSSEC – the secure version of Windows DNS. Fortunately, Microsoft has already released a fix for the bug – which has been termed SigRed. Check Point has stated that SigRed was rated “critical, a 10 out of 10 on the common vulnerability scoring system, an industry-standard severity rating.” It has received the maximum rating due to its ‘wormable’ capabilities, allowing cybercriminals to potentially leverage it and “spread [it] from one machine to another with no human interaction.” SigRed can be transformed into the next WannaCry – A cryptoworm attack that created worldwide havoc in 2017. Microsoft has advised that every company take immediate action in patching the vulnerability. Adding on to the severity of the situation, SigRed has existed in Window’s DNS since 2003, virtually placing the majority of small and medium-sized enterprises around the globe at risk.

A statement from Chris Cartwright, Alvaka’s Senior Systems Architect

“Companies need to stay vigilant on their patching and also be aware to such issues [SigRed] by subscribing and reading security blogs daily.” – Chris Cartwright

We at Patchworx advise our clients, and others reading this blog, to immediately use Microsoft’s patch for Windows DNS if you haven’t done so already. If your IT department struggles to properly execute security patching do not hesitate to contact our qualified staff. We can guarantee your patches have been applied correctly and on time through our Patchworx solution

Original article from Wired.ComHack Brief: Microsoft Warns of 17-Year-Old ‘Wormable’ Bug

More information from ZDNetDHS CISA tells government agencies to patch Windows Server DNS bug within 24h

If you have any questions or concerns, or need help, please reach out to Patchworx at (844) 957-2824. We operate 24x7x365 with all US based personnel.

Microsoft WSUS Consultant

WSUS Consulting Services

Software update service for system administrators to manage Microsoft product updates
  • Help resolving common WSUS server issues
  • Solve the problem of PCs not reporting to WSUS
  • Identify and repair the common WSUS system errors
  • Fix high CPU utilization problems
  • Stop duplicate SUSClientIDs
  • Diagnose and fix failed downloads
  • Fix IIS permissions that lead to failed Windows Update Agent Error Codes
  • Using Group Policy to set WSUS agent policies
  • Troubleshooting issues with WSUS client agents

SCCM Consulting Services

Systems management software for managing large numbers of computers running multiple operating systems and application.
  • Help with the frequent updates required to maintain security and version updates
  • Develop a program to get a monthly cadence for distributing updates
  • Understanding the of conflicting reports coming from SCCM
  • Verify accuracy before starting the deployment
  • How to properly initiate Client Notification Actions
  • Troubleshooting (DRS) Database Replication Service within SCCM
  • Proactively fixing client issues
  • Fixing failed deployments so you can move on to other more important tasks
  • Fixing ConfigMgr problems
  • Integrate third party add-ins(like Ivanti) for third party updates
  • Support Wake on Lan(WOL) patching
  • Maintenance Windows feature to prevent Servers restart during business hours
  • Updates Windows 10 image during build process that way your workstation will always have the latest security updates
  • Integrate with PowerBi for better reporting

We utilize a proven 31-step patching process.

*Diagram represents a portion of our process”
Patch Management As A Service

FREE Webinar Every Thursday
from 10:00 - 11:00 AM. PST

RSVP Early - Limited Seats

$250K Cyber Insurance Coverage

Our integrated insurance coverage and breach response services includes $250,000 of cyber liability insurance (annual aggregate) with $0 deductible.

As a Patchworx℠ client, you will be protected for the cost of an actual or suspected violation of a privacy regulation due to a security breach that results in the unauthorized release of protected personal information (PPI) up to the policy limits.

PPI is defined as any private, non-public information of any kind in the merchant’s care, custody or control. This coverage territory is worldwide and is backed by a carrier rated A+ by AM Best.

ACHIEVE PATCH COMPLIANCE ASSURANCE