An unbelievable 17-year-old bug just has been awarded a CVSS severity score of 10.0 making it an extremely dangerous security hole for Windows DNS Server.
The bug, tracked as CVE-2020-1350 or also called “SigRed” relates to Microsoft Windows DNS and is wormable, meaning it can jump across unpatched machines without user interaction. Unnoticed this can lead to the compromising of the whole network of a company.
As Microsoft closed the security issue on its Microsoft Patch Tuesday, a secure patch is finally available. Still this update won’t be installed automatically.