This Flaw Existed In Windows For 17 Years And Was Just Fixed Now, Do You Know It?

Dhir Acharya - Jul 15, 2020

Called SigRed, the flaw in Windows DNS existed for 17 years and no one noticed. Yesterday, Microsoft released a patch that fixes this flaw.

Yesterday, Microsoft rolled out a patch that fixes a major, long-standing flaw of the Windows DNS (Domain Name System). The patch came out alongside the regular Tuesday Windows update, fixing the SigRed flaw found by Israeli security company Check Point, according to Wired.

The DNS is like a phonebook and your IP (Internet Protocol) address is like your phone number. Each computer has a different IP address through its network provider while the domain names are translated to IP address by the DNS. Your browser needs the DNS to load a website like you need the phone book to search for a phone number.

SigRed exploits Windows DNS and it’s a wormable bug that can spread between computers through the DNS.

Screenshot 2020 07 14 At 10 34 48 Compressed — SigRed is a flaw in Windows DNS that has been around for 17 years

Microsoft and Check Point say that this flaw is critical as it scores 10/10 on the common vulnerability scoring system (or CVSS), an industry standard to assess security issues on computers. Every small, medium-sized organization worldwide uses Windows DNS, Wired revealed, so this flaw is really serious, not to mention it wasn’t found for 17 years.

This security flaw is in Windows Domain Name System Security Extensions that strengthens DNS authentication. Without this system, hackers can easily intercept DNS queries and redirect users to a fake site that may trick them into providing their personal information and steal your identity. Small-medium online retail businesses using Windows DSN are at the highest risk of being affected by SigRed.

Microsoft Windows Updates Cycle Arrows Laptop Mobi — Install the latest Windows update to patch this flaw

Even worse, hackers can exploit this vulnerability without needing the target to do anything. A person that has been hacked might not even realize their server has been accessed and controlled by a stranger.

“Once you’re inside the domain controller that runs the Windows DNS server, expanding your control to the rest of the network is really easy.”

To be attacked remotely, the target DNS server has to be exposed to the internet directly, which barely happens because Windows DNS is usually run behind a firewall. But if a hacker can access a company’s LAN or wifi, they can get access to the server.

The one lucky thing, however, is that the flaw hasn’t been exploited so far, but you still have to patch your PCs and servers before a hacker takes the chance. All you need to do is installing the latest Windows update on your computer by opening Settings or typing ‘updates’ into the search bar on your taskbar.