SigRed DNS Vulnerability Alert & Response

SigRed DNS Vulnerability Alert:

Earlier this week, Omega Systems was alerted of SigRed (CVE-2020-1350), a CRITICAL SEVERITY  ‘wormable’ remote code execution vulnerability that impacts Windows DNS.  SigRed impacts any Windows Server with the DNS Server Role installed (mainly domain controllers). This vulnerability is remotely exploitable and can be used to elevate user access privileges from a ‘normal user account‘ to ‘domain admin‘ or even a ‘non-domain client‘ to ‘domain admin‘.

Omega Systems’ Rapid Response Protocol:

Prior to the availability of any patches, Omega Systems implemented an Exploit Detection IOC (indicator of compromise) to all Smart Secure SIEM customers to detect and monitor any exploitations, exploitation attempts or impact.

Omega Systems is in the final stages of testing a mitigation that can be applied during business hours with zero downtime prior to our hosted customer standard Windows patches.  Our plan is to automatically roll out the mitigation to all Unlimited Remote Support Customers within the next two days to mitigate the vulnerability without any downtime or user/admin intervention.  Scheduled patching will deploy the SigRed Windows patch during our normal patching window after the vulnerability is mitigated.

If you are a Smart Support Basic customer and require assistance with mitigation steps, please reach out to your Technical Account Manager to ensure protection.

Thank you for Choosing Omega Systems to Secure your network.

By |2020-07-15T17:10:52-04:00July 15th, 2020|Cybersecurity, Notification, Omega Systems|Comments Off on SigRed DNS Vulnerability Alert & Response