If you happen to be running a Windows DNS server, I hope you have automatic updates enabled. Today's security update fixes CVE-2020-1350, also known as SigRed: A 17-year-old 'wormable' vulnerability for hijacking Microsoft Windows Server. I think that title kind of says it all, doesn't it? For the record, it's a heap-based buffer overflow that can be triggered by a malicious DNS query, and it's described as "wormable", with a CVSS base score of 10.0. Wormable means that it can propagate itself and spread exponentially to other vulnerable servers.

It's not at all inaccurate to describe this as "COVID-19 for Windows DNS server". Go fix.

Resources