forked from LexusWang/Aurora-demos
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy path137.txt
More file actions
2 lines (2 loc) · 2.51 KB
/
137.txt
File metadata and controls
2 lines (2 loc) · 2.51 KB
1
2
Hitting the Windows DNS Server Vulnerability Crisis 360 Security Brain Exclusive Release of Non Destructive Detection and Interception Solution
On July 14 2020 Microsoft released patches to fix a critical remote code execution vulnerability in Windows DNS Server (CVE-2020-1350) which allows unauthenticated attackers to send malicious requests to Windows DNS servers and launch remote attacks. Notably this vulnerability can be triggered without user interaction enabling attackers to create self-propagating worm viruses similar to WannaCry that caused global havoc in 2017 potentially leading to massive-scale propagation and destruction. After analysis 360 Security Brain classified this as a "worm-level" critical vulnerability. 360 Security Brain immediately responded by launching a non-destructive detection solution across networks to accurately identify vulnerabilities without affecting normal operations while simultaneously releasing patch-free interception measures to ensure comprehensive user protection. Enterprise users can deploy 360 Full Traffic Threat Analysis System (360AISA) for vulnerability detection and utilize 360 Endpoint Security Management System for patching and attack interception to fully mitigate risks. The Windows DNS Server vulnerability poses severe enterprise threats as domain controller compromise could lead to catastrophic domain hijacking while its wormable nature enables any vulnerable server to become a "super-spreader" rapidly paralyzing entire networks within minutes. Affecting systems from Windows Server 2008 to 2019 including end-of-service Server 2008 versions this 17-year-old vulnerability has unprecedented scope and severity. Microsoft's CVSS 10 rating surpasses EternalBlue's 8.5 score indicating higher risks. Attackers exploiting default Windows DNS configurations can send malicious requests to elevate privileges and execute code. 360 Security Brain implements dual strategies: 360AISA detects attacks through traffic analysis while 360 Endpoint Security Management intercepts exploitation attempts without patches. For Server 2008 users 360 Win7 Shield provides automatic vulnerability coverage. The 360AISA system leverages AI and big data for advanced threat detection across attack lifecycle stages while 360 Endpoint Security Management integrates multiple protections including virus scanning and vulnerability remediation. Given the wormable propagation risk 360 advises heightened vigilance prompt patching and security software deployment to prevent potential global outbreaks resembling WannaCry.