Hack Brief: Microsoft Warns of a 17-Year-Old ‘Wormable’ Bug


Since WannaCry and NotPetya struck the internet just over three years ago, the security industry has scrutinized every new Windows bug that could be used to create a similar world-shaking worm. Now one potentially "wormable" vulnerability—meaning an attack can spread from one machine to another with no human interaction—has appeared in Microsoft's implementation of the domain name system protocol, one of the fundamental building blocks of the internet.
As part of its Patch Tuesday batch of software updates, Microsoft today released a fix for a bug discovered by Israeli security firm Check Point, which the company's researchers have named SigRed. The SigRed bug exploits Windows DNS, one of the most popular kinds of DNS software that translates domain names into IP addresses. Windows DNS runs on the DNS servers of practically every small and medium-sized organization around the world. The bug, Check Point says, has existed in that software for a remarkable 17 years.
-
- Login or register to post comments
Printer-friendly version
- 3247 reads
PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
today's howtos
| TV-Lite – GTK 3 IPTV, Sopcast, Acestream Player for Linux
TV-Lite is a free open-source IPTV player with Sopcast and Acestream handling capabilities, which runs in Linux and Windows.
TV-Lite aims to be a replacement for the older TV-Maxe. It so far uses VLC for media playback, and need Acestream and / or Sopcast for this program to be able to handle the respective stream types.
|
Qubes OS 4.0.4-rc2 has been released!
We’re pleased to announce the second release candidate for Qubes OS 4.0.4.
| NuTyX 20.12.1 available with cards 2.4.124
I am very happy to announce the new version of NuTyX 20.12.1 and cards 2.4.124.
The compilation chain is completely rebuilt in addition to glibc 2.32, gcc 10.2.0 and binutils 2.34
The xorg-server graphics server version 1.20.10, the Mesa 3D library in 20.3.2, gtk3 3.24.24 and qt 5.15.2 are also in their latest versions.
The python interpreters are ent 3.9.0 and 2.7.18.
The XFCE desktop environment is updated to version 4.14.3.
The MATE desktop environment is also updated to version 1.24, the latest version available.
The KDE desktop environment is available in Plasma 5.20.4, Framework 5.76.0 and applications in 20.12.1. et les applications en 20.12.1.
Available browsers are: firefox 84.0.2, chromium 87.0.4280.88, falkon 3.1.0, epiphany 3.38.2, etc
Many desktop applications have been updated as well like thunderbird 78.6.1, Scribus 1.5.6.1, libreoffice 7.0.4.2, gimp 2.10.22, etc.
Core NuTyX ships with Long Term Support (LTS) kernels: 4.9.253, 4.14.217, 4.19.170, 5.4.92 and 5.10.10 and the latest stable version 5.10.10.
|
Patch your Windows 10 now to fix 17-year-old DNS flaw
Patch your Windows 10 now to fix 17-year-old DNS flaw