Security News > 2020 > July > U.S. Government Agencies Instructed to Patch Wormable Windows Server Flaw
The US Cybersecurity and Infrastructure Security Agency has instructed government agencies to immediately address a vulnerability affecting Windows DNS servers.
The flaw, which impacts Windows Server versions released in the past 17 years, allows a remote, unauthenticated attacker to run arbitrary code on affected Windows DNS servers using specially crafted requests.
The Emergency Directive 20-03 issued by CISA on Thursday instructs federal agencies to take action as soon as possible to ensure that their servers are protected against attacks exploiting CVE-2020-1350.
Agencies have been given 24 hours to roll out either the patch or the workaround for SIGRed to all Windows DNS servers.
They have been given until July 24 to install the patch and remove the workaround, and until the same date they need to ensure that controls are in place so that newly provisioned servers, or ones that have been disconnected, are updated before they are connected to the government's networks.
News URL
Related news
- 'Patch yesterday': Zimbra mail servers under siege through RCE vuln (source)
- Microsoft fixes Remote Desktop issues caused by Windows Server update (source)
- Microsoft deprecates PPTP and L2TP VPN protocols in Windows Server (source)
- VMware fixes bad patch for critical vCenter Server RCE flaw (source)
- Exploit released for new Windows Server "WinReg" NTLM Relay attack (source)
- Microsoft confirms Windows Server 2025 blue screen, install issues (source)
- Windows Server 2025 released—here are the new features (source)
- November 2024 Patch Tuesday forecast: New servers arrive early (source)
- Microsoft blames Windows Server 2025 automatic upgrades on 3rd-party tools (source)
- Microsoft fixes bugs causing Windows Server 2025 blue screens, install issues (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-14 | CVE-2020-1350 | Unspecified vulnerability in Microsoft products A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests, aka 'Windows DNS Server Remote Code Execution Vulnerability'. | 10.0 |