Security News > 2020 > July > Patch now! SIGRED – the wormable hole in your Windows servers
The good news for most of us, at least in terms of patching, is that this vulnerability only affects Windows servers, because the bug is in the Windows DNS server code, not in the Windows DNS client code.
DNS servers often need to perform client-like functions, for example by passing on requests that they can't answer themselves to other servers that can, reading in the replies and reformatting them to reply to the original client request that came in.
If not most, DNS servers - including the Windows DNS server - have code built into them that not only listens for requests but also processes reponses from other servers.
Having completely different implementations of the make-requests-and-process-replies code in the Windows DNS server program and the Windows DNS client software may sound unusual, but it is not surprising.
DNS servers typically need to handle a much broader set of possible DNS requests and replies than pure-play DNS clients, notably for exchanging data with other DNS servers.
News URL
Related news
- Microsoft fixes bug causing Windows Server 2025 boot errors (source)
- Veeam RCE bug lets domain users hack backup servers, patch now (source)
- New Windows zero-day leaks NTLM hashes, gets unofficial patch (source)
- Recent Windows Server 2025 updates cause Remote Desktop freezes (source)
- Microsoft fixes auth issues on Windows Server, Windows 11 24H2 (source)