By Paul Hirsch, Senior Network Engineer
Nestled in between a list of the usual Internet Explorer and Microsoft Office vulnerabilities issued last week, Microsoft announced a nasty vulnerability in Windows DNS servers. The “Domain Name System” is what translates friendly names like “google.com” into the IP addresses computers use to talk to each other. This bug may allow for an attacker to ask for a specially (spitefully) crafted name and gain access to Windows servers running the DNS service. This includes the most important Windows server in just about any network: The Domain Controller.
The patch for “MS15-127” should be applied as soon as possible to all Windows DNS and Domain Controller servers. If hackers are able to develop a strong exploit for this vulnerability it is likely to become very widespread. See https://technet.microsoft.com/en-us/library/security/ms15-127.aspx for more technical information.
Citon Managed Service and AEGIS+Patching customers are being patched automatically. Click here to learn more about how we can keep your systems up to date and secure.