“If I’ve understood the article correctly, calling it ‘wormable’ is actually an understatement,” Vesselin Vladimirov Bontchev, a security expert who works for the National Laboratory of Computer Virology in Bulgaria, wrote on Twitter. “It’s suitable for flash worms a la Slammer, which infected the whole population of vulnerable computers on the Internet in something like 10 minutes flat.”Client versions of Windows 10 are not affected by this bug but the software giant does have other patches that plug holes in Windows 10. In total, this month's Patch Tuesday fixes 123 vulnerabilities.
Bontchev was disagreeing with fellow security researcher Marcus Hutchins, who said he thought it was more likely attackers would exploit SigRed in an attempt to wage crippling ransomware campaigns. In that scenario, attackers would take control of a network’s DNS server and then use it to push malware to all connected client computers. Slammer is a reference to SQL Slammer, a worm from 2003 that exploited two vulnerabilities in Microsoft’s SQL Server. Within 10 minutes of being activated, SQL Slammer infected more than 75,000 machines, some of them belonging to Microsoft.
Patch Tuesday: Windows Server gets protection against wormable DNS vulnerability
Posted on Wednesday, July 15 2020 @ 9:30 CEST by Thomas De Maesschalck