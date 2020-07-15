The Jerusalem Post - Israel News Coronavirus Israel News Opinion Middle East Diaspora U.S. Politics WORLD NEWS
Kabbalah Judaism Gaza News BDS Antisemitism OMG Health & Science Business & Tech Cybertech Premium Food
Jerusalem Post Cybertech News

Check Point uncovers critical flaw in Windows DNS server

Windows issued an urgent patch for the problem, which is found in all version from 2003 to 2019

By CYBERTECH  
JULY 15, 2020 16:20
A man types into a keyboard during the Def Con hacker convention in Las Vegas, Nevada, U.S. (photo credit: REUTERS/STEVE MARCUS)
A man types into a keyboard during the Def Con hacker convention in Las Vegas, Nevada, U.S.
(photo credit: REUTERS/STEVE MARCUS)
Check Point researchers recently discovered a critical vulnerability in the Windows Domain Name System (DNS) Server, an essential component of Windows, the company announced on Tuesday.
The company said it had reported the threat to Microsoft, who "acknowledged it as a critical vulnerability" and "issued an urgent patch for it."  
Check Point strongly urged users to apply the patch to their affected Windows DNS Server versions from 2003 to 2019 to prevent the exploitation of this vulnerability.
"Imagine what could happen if someone was able to intercept and read every piece of your mail without your knowledge, before forwarding it on to you:  your new bank card, your replacement driver’s license or passport, letters from your doctor, application forms and more. It’s not hard to understand what that person could learn about you, and what damaging things they could do by copying or tampering with your mail
"Now imagine that a hacker could do the same on your organization’s network, intercepting and manipulating users’ emails and network traffic, making services unavailable, harvesting users’ credentials and more. In effect, they would be able to seize complete control of your IT," Check Point wrote on its website explaining the critical vulnerability.
What is DNS?
According to Check Point, "DNS is part of the global internet infrastructure" that translates familiar website names into strings of numbers that computers need in order to find a website or send an email.
The vulnerability that Check Point discovered would expose all organizations using Windows Server versions 2003 to 2019 and if exploited, would give a potential hacker "Domain Administration rights over the server, and compromise the entire corporate infrastructure."
"The flaw is in the way the Windows DNS server parses an incoming DNS query, and in the way it parses a response to a forwarded DNS query.  If triggered by a malicious DNS query, it triggers a heap-based buffer overflow, enabling the hacker to take control of the server," Check Point stated.
Additionally, Microsoft described the vulnerability as "wormable," which Check Point said could mean that "a single exploit can start a chain reaction that allows attacks to spread from vulnerable machine to vulnerable machine without requiring any human interaction."
"As DNS security is not something many organizations monitor for, or have tight controls around, this means that a single compromised machine could be a ‘super spreader,’ enabling the attack to spread throughout an organization’s network within minutes of the first exploit," Check Point added.
As such, the company strongly urged all users to patch their affected Windows DNS Servers.


Tags cyber security israel cyber security Cyber
Subscribe for our daily newsletter
Subscribe for our daily newsletter

By subscribing I accept the terms of use

Hot Opinion

Jpost editorial logo Turkey is increasingly becoming a threat to Israel By JPOST EDITORIAL
Gil Troy Lies my anti-annexationists allies told me By GIL TROY
DAVID FRIEDMAN Israel will always be a Jewish state By DAVID FRIEDMAN
Emily Schrader We need to cancel anti-Zionism By EMILY SCHRADER
United Hatzalah founder Eli Beer Mental health support is crucial for those recovering from ventilator care By ELI BEER

Most Read

1 Patient dies after catching coronavirus at 'COVID party' in Texas
Teenagers partying 521
2 Russia says Turkey tested its S-400s on US F-16 jets
First parts of a Russian S-400 missile defense system are unloaded from a Russian plane at Murted Airport, known as Akinci Air Base, near Ankara, Turkey, July 12, 2019.
3 Turkey vows to 'liberate Al-Aqsa' after turning Hagia Sophia to mosque
Turkish President Tayyip Erdogan makes a speech during the re-opening of the Ottoman-era Yildiz Hamidiye mosque in Istanbul, Turkey, August 4, 2017
4 Multiple attacks on Iran by unseen adversary send clear warning to regime
An Iranian locally made cruise missile is fired during war games in the northern Indian Ocean and near the entrance to the Gulf, Iran June 17, 2020
5 How have Iran's intelligence forces broken down in face of explosions?
A handout satellite image shows a general view of the Natanz nuclear facility after a fire, in Natanz, Iran July 8, 2020
Information
About Us
Feedback
Staff E-mails
Advertise with Us
Terms Of Service
Privacy Policy
Subscriber Agreement
JPost Jobs
Cancel Subscription
The Jerusalem Post Group
Breaking News
Middle East
World News
Diplomatic Conference
IvritTalk- Free trial lesson
The Jerusalem Report
Jerusalem Post Lite
March of the living
Shapers of Israel
Maariv Online
Tools and services
JPost Premium
Ulpan Online
JPost Newsletter
JPost News Ticker
Our Magazines
Learn Hebrew
RSS feed
JPost.com Archive
Digital Library
Special Content
Promo Content
Promo Content
Himalayan Salt Lamps
Undercounter Ice Makers
Commercial Carpet Cleaners
Commercial Paper Shredders
Cash Counting Machines
Commercial Zero Turn Mowers
Senior Discounts
Sites Of Interest
The Jerusalem Post Conferences
Conference production services
Jewish Broadcasting Service
Jerusalem Hotels
Personas Media
KKL-JNF
Poalim Online
The Jerusalem Post Customer Service Center can be contacted with any questions or requests: Telephone: *2421 * Extension 4 Jerusalem Post or 03-7619056 Fax: 03-5613699 E-mail: subs@jpost.com The center is staffed and provides answers on Sundays through Thursdays between 07:00 and 14:00 and Fridays only handles distribution requests between 7:00 and  13:00 For international customers: The center is staffed and provides answers on Sundays through Thursdays between 7AM and 6PM  Toll Free number in Israel only 1-800-574-574  Telephone +972-3-761-9056 Fax: 972-3-561-3699 E-mail: subs@jpost.com
Copyright © 2020 Jpost Inc. All rights reserved • Terms of Use • Privacy Policy Designed by