SigRed: Windows Server Update closes critical vulnerability

Microsoft recently released various security updates for Windows 10 and Windows Server. The group thus closes the critical gateway called SigRed for hackers, Trojans, worms and other attack vectors. Users who have not yet updated their IT infrastructure with the latest updates should do so immediately.

The good news first: According to Microsoft, the Vulnerability not yet actively exploited. However, this may change if users do not install the provided patch. In particular, companies and organizations such as banks or government institutions that work with critical customer data could be targeted by cybercriminals if the vulnerability became known.

Which Windows servers are affected by SigRed?

SigRed is a critical vulnerability in Windows DNS servers that allows hackers to inject and remotely execute foreign code into systems. The vulnerability occurs when a DNS request fails. Cyber criminals could exploit weaknesses in the service’s error handling to gain access to systems. Particularly critical: According to Microsoft, SigRed should also be wormable.

What is the impact of the vulnerability?

In the worst case, the current vulnerability allows external attackers to gain complete control over IT infrastructures. Cyber criminals can completely paralyze them, spy on them or steal critical data. Many people may still be familiar with the WannaCry vulnerability from 2017. At that time, a blackmail Trojan infected more than 300,000 devices worldwide – a similar scenario cannot be ruled out with the current problems.

What should companies do now?

Organizations that have already installed the patch provided by Microsoft are safe from SigRed attacks. Companies that have not yet done so should do so immediately, otherwise there is a risk of the IT infrastructure being compromised. For more information, see the Microsoft Security Response Center: SigRed in the Microsoft Security Response Center.
If you would like to put your IT security through its paces holistically, we offer this together with our partner Infraforce penetration tests. We examine your IT infrastructure from the perspective of a hacker and thus close potential weak points: Improve your IT Security with penetration tests.