A Wormable DNS Vulnerability in Microsoft Servers (CVE-2020-1350)
Threat Defense Maneuver: Close Connection
Trinity Cyber Threat Detection experts are continuously developing an effective set of response maneuvers to control the desired outcome to known cyber threats.
An example of a Threat Defense Maneuver is Close Connection. By employing Close Connection prior to the threat attacker penetrating the network, companies can best prevent SigRed, a vulnerability in Microsoft’s Domain Name System (DNS) Server software discovered by security researchers at Check Point. The vulnerability is present in the parsing of specific DNS resource records of the Signature (SIG) type, leading to a buffer overflow and Remote Code Execution (RCE).
Read this Threat Brief to learn:
- How to prevent a Wormable DNS Vulnerability in Microsoft
- How to close the network session before the attack can exploit the vulnerability