"Microsoft Issues Patch for Wormable Windows DNS Server Flaw"
Microsoft is issuing a patch for a 17-year-old wormable Windows Domain Name System (DNS) Server vulnerability discovered by a researcher at Check Point. The exploitation of the DNS Server flaw would allow attackers to intercept users' emails and network traffic, interfere with services and steal users' credentials. According to Microsoft, the flaw impacts all Windows Server versions. The wormable flaw received a Common Vulnerability Scoring System (CVSS) score of 10. Wormable flaws pose a significant threat to security as their exploitation could pave the way for attacks to spread from one vulnerable machine to another without the need for interaction from users. Governments and private entities are encouraged to patch the vulnerability as its abuse could result in hackers gaining control of an entire organization. This article discusses the wormable Windows DNS Server flaw, what malicious activities can be performed by abusing this flaw, the potential impact of wormable vulnerabilities, and the increase in DNS-related hacking operations during the pandemic.
CyberScoop reports "Microsoft Issues Patch for Wormable Windows DNS Server Flaw"