Warned Microsoft on Tuesday of the existence of a critical security vulnerability present in the system servers Windows DNS Server since 17 years, has been ranked as wormable, which means that the exploitation of one vulnerability can cause a reaction sequence allows an attacker to spread from one computer vulnerable to another without the need of any interaction from victims.
He explained Mechele Gruhn – Security Program Manager at Microsoft in a blog: “the Windows DNS Server an essential component of companies. While it is not currently known if he has been using this vulnerability in active attacks, it is necessary to specify the customers of windows to address this vulnerability as soon as possible”.
Researchers discovered in the the information security company Check Point security vulnerability in Windows DNS Server, they informed the Microsoft in the month of May last. If left without repair, they leave the Windows servers vulnerable to attack, however, Microsoft confirmed that they did not find evidence that anyone has exploited the vulnerabilities.
And Microsoft released a patch to fix the vulnerability across all supported versions of system servers Windows Server today, but the responsibility now rests with the system administrators, who must update the servers as fast as you can before Create the cybercriminals malware based on the vulnerabilities.
And the Omri Herscovici – Team Leader, research gaps have the Check Point – that “hacked the DNS server is extremely dangerous”. He added: “I asked by only a small number of such gaps. Every institution big or small use the Microsoft built infrastructure subject to security threats, great; if left without repair. The danger would be a breach of the full network of the entire company. This gap exists in the code Microsoft for more than 17 years; therefore, we found it means it is natural to assume that someone else found it already too.”
It is indicated that Windows 10 is normal, the versions of the other customers are not affected by the holes, because they only affect the application of the Microsoft DNS Server. Microsoft has launched a solution based on the engine system log Windows Registry for protection of the gap, so in case officials do not able to update servers quickly.