The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert identifying a critical vulnerability affecting all versions of Microsoft® Windows Server® configured with the Domain Name System (DNS) role enabled. The vulnerability could potentially allow a remote attacker to gain control of affected systems. Malware exploiting this vulnerability could likewise propagate to other systems beyond the one originally affected.
The vulnerability has been recognized by Microsoft and labeled CVE-2020-1350. The vulnerability stems from a failure in the ability to properly handle requests. Bad actors could successfully exploit the vulnerability, run malicious code in the context of a local system account, potentially exfiltrate data, and/or exploit malware for criminal purposes.
Microsoft has issued a security patch that protects against the discovered vulnerability.
ACA Aponix recommends the following in response to the identified Microsoft Server vulnerability:
- Ensure the identified Microsoft security update is installed.
- Ensure all operating system, anti-malware, and device patches are regularly installed via a mandatory patching policy.
- Ensure device patching programs reach and are enforced for users in the work from home environment.
- Perform a cybersecurity risk assessment, in which potential areas of risk are located, and controls are subsequently detailed.
How We Help
ACA Aponix offers the following solutions that can help firms monitor and protect against cybersecurity threats.
- Threat intelligence
- Policies, procedures, and governance
- Cyber incident response planning
- Cybersecurity and technology risk assessments
If you have any questions, please contact your ACA Aponix consultant or email us at firstname.lastname@example.org.