Microsoft vulnerability is a risk for companies in the world

The security breach labeled CVSS 10.0, the highest possible dangerousness score, would allow the cybercriminal to perform malicious DNS (domain name system) queries to the Windows server, and to achieve arbitrary code execution that could offer full control over all the IT infrastructure of a company.

This critical vulnerability, which Check Point researchers have called SigRed, affects versions of Windows servers from 2003 to 2019, as reported by the cybersecurity company in a statement.

DNS, often also known as “the Internet address book,” as pointed out by Check Point, is part of the global Internet infrastructure that translates website names into the numerical combinations that computers need to find. that website, send an email, among other actions.

These DNS records are servers that are present in all companies and, if used with malicious intent, would give a cybercriminal domain administrator rights to the server, allowing him to intercept and manipulate users emails and network traffic, user access credentials, disable services and much more.

The cybersecurity company highlights that if the cybercriminal manages to take advantage of the vulnerability, he can take full control of a company’s IT infrastructure.

Source: dpa