• Skip to primary navigation
  • Skip to main content
  • Skip to footer
Logo of Agilient Security Consultants, Australia

Agilient Security Consultants Australia

Cybersecurity & Risk Management Specialists

Menu
  • Home
  • Industries
      • Aviation
      • Defence & Defence Industry
      • Government
      • Health & Hospitals
      • Corrections and Detention
      • Maritime
      • Aged Care Facilities
      • Mining, Oil & Gas
      • Public Venues & Events
      • Rail
      • Research and Education Industry
      • Telecommunications
      • Utilities
    • advice-colleagues-communication-newIndustries
  • Services
      • Cybersecurity
      • Protective Security
      • Business Resilience
      • Building Security Consultants
      • Security Audits
      • Pandemic Planning
      • Electronic Security
      • IT Disaster Recovery Plan
      • Security Consultants
      • CCTV and Security Cameras
      • Duress Alarms
      • Security Risk Assessment Consultants
      • Managed Security Service Provider
      • Protection against Vehicles as a Weapon
    • training-1Services
  • Solutions
    • banner-menuUnisys Solutions
    • CTO-Blog-110619-Header-GraphicLookingGlass Solutions
    • menu-bg-2Dell Technologies (RSA) Solutions
    • Sightline-Visualization-menuSightline Solutions
  • Resources
    • menumanagers-dealing-customer-agreTraining
    • working-together-newJoin The Tribe
    • Webinars_3-1.jpgUpcoming and Past Events
    • hacking-detected-shutterstock_newResources
  • Articles
  • About
    • About Us
      We are an Australian owned and operated security company specialising in risk, cybersecurity, protective security, crisis and business continuity management services.
    • frequently-asked-questions-smallFAQ’s
    • bg-menu-government-institutionsConsultant Registration
  • Contact Us
Contact Us

Patch Your Windows DNS Servers Now To Avoid Malware

You are here: Home / Security News / Patch Your Windows DNS Servers Now To Avoid Malware

Microsoft have released an urgent patch for Windows Server 2008 and later, running Domain Name Service (DNS) typically used with Active Directory Identity Management, to address the CVE-2020-1350 security vulnerability. Code-named SIGRed, it has the highest possible CVSS score of 10, and allows remote code execution. malware image

Discovered and named by Checkpoint Software Technology researchers, SIGRed is capable of propagating to other servers without action, putting it in the “worm” category of malware. Other examples of this type of malware include the Slapper and Slammer worms that came to light in the early 2000s.

Mitigations for SIGRed

Organizations are advised to install the security patch released by Microsoft as soon as possible. If they can’t update their systems immediately, they can apply a registry workaround manually (see below).

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters

DWORD = TcpReceivePacketSize

Value = 0xFF00

The DNS service needs to be restarted after this registry modification for it to take effect.

Organisations need continuous threat intelligence to counter issues such as this one. Looking Glass Cyber’s ScoutPRIME is an excellent tool to provide this service – contact Agilient today to find out more.

Author: David Steele, Agilient Cybersecurity Consultant

Tweet
Share

Security News cybersecurity,  malware,  malware worm,  SIGRed,  Slammer worm,  Slapper worm,  threat intelligence,  Windows DNS server patch,  Windows patch

Looking for a security partner? Get in touch with Agilient.

Looking for practical and cost-effective security and risk solutions for your government department, agency or company? Speak with Australia’s leading senior security, risk and resilience experts.


Looking for a pandemic planning partner? Get in touch with Agilient.

Looking for practical and cost-effective risk management solutions for your government department, agency or company? Speak with Australia’s leading senior risk and emergency management experts.



Footer

Agilient is a proud member of

Ai Group Defence Council
Australian Industry & Defence Network
Australian Security Industry Association
Sydney Aerospace & Defence Interest Group

Company and Licensing Details:

ABN: 37 157 911 441
NSW Security Master Licence # 410783087
ACT Security Master Licence # 17502184
Vic Security Registration # 878-460-40S
Qld Security Firm Licence # 3834422

Join The Tribe

Sign up to receive our regular Agilient newsletter including the latest security, risk and resilience updates

Sign up now

Copyright © 2021 Agilient · Level 3, 655 Pacific Highway, St Leonards, NSW 2065 · 1300 341 692