A new security advisory addresses a vulnerability that could be exploited to cause a denial-of-service attack.
Microsoft has released a security advisory addressing a vulnerability affecting Windows DNS Server. Successful exploitation of the flaw could lead to a denial-of-service attack, officials report.
ADV200009 warns of a vulnerability involving packet amplification that affects Windows DNS servers. An attacker would need access to at least one client and a domain that replies with large amounts of referral records that point to external subdomains. While resolving a name from the attacker client, for each record found the resolver contacts the victim's domain.
This process can generate a lot of communications between the recursive resolver and the victim's DNS server to cause a distributed denial-of-service attack, Microsoft explains. It recommends enabling RRL on a DNS server as a workaround for the vulnerability.
US-CERT has posted an alert for ADV200009. Users and administrators are encouraged to review Microsoft's post and apply the necessary mitigations.
Read Microsoft's full advisory here.
Check out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's featured story: "The Entertainment Biz Is Changing, But the Cybersecurity Script Is One We've Read Before."
About the Author(s)
You May Also Like
Defending Against Today's Threat Landscape with MDR
April 18, 2024The fuel in the new AI race: Data
April 23, 2024Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024