contador web Skip to content

Microsoft: New Security Flaw Has the Potential to Endanger Every Business in the World

Microsoft issued an alert this Tuesday, July 14, about a critical vulnerability in Windows DNS Server that, according to technology, has the potential to initiate a chain attack. This flaw can be exploited by hackers who, with malware capable of executing code remotely on Windows servers, may even be able to access sensitive data on company systems.

Mechele Gruhn, responsible for Microsoft's cybersecurity program, explains that the vulnerability "is not yet being used in any attacks", but calls on users to "download and install available updates" so that their computers are protected.

The problem in question was discovered by researchers at Check Point last May. And while it is not being misused by hackers, the truth is that the security breach leaves the US giant's servers vulnerable to attack.

The news was released this Tuesday, when the security patch developed to correct the error was also made available. "All organizations, whether large or small, are at risk if they do not install the patch. There is potential for this flaw to be exploited by hackers to enable access to their systems. This vulnerability has been in Microsoft code for 17 years and, if we find it now, it is not impossible that someone else has discovered it since then ", warned Omri Herscovici, responsible for Check Point's vulnerability investigation team.

On the Common Vulnerability Scoring System (CVSS) hazard scale, Microsoft rated this vulnerability a score of 10 – the vulnerabilities that enabled the WannaCry computer attack were rated at 8.5 according to this same system. Check Point gave it the name SigRed and clarified that it affects the versions of Windows servers from 2003 to 2019.