The leak is discovered by researchers at Check Point Research. Hackers could exploit the so-called DNS system of a Windows server to become an administrator on the computer network of, for example, a company.
That gives a malicious opportunity to break into systems. In addition, it is possible to intercept and manipulate e-mails, or to disable certain internal systems.
If one computer is hit by such an attack, this can trigger a chain reaction. This causes a cyber attack to spread from one server to another within the network.
Solution in update
The security guards had already notified Microsoft on May 19, after which a solution for the leak was developed.
That solution appeared today in a software update for the affected devices. By installing that update, a system is no longer at risk, according to Microsoft.
–
–
17 years
Microsoft has given the vulnerability the highest risk score, and also provides instructions for what organizations can do if quick updates are not possible.
Although the leak made cyber attacks possible, it is unclear whether this attack method has been applied in practice. Check Point Research is the first party to disclose this attack method upon discovery. The leak had been in the code for over 17 years.
–
–
