meta_pixel
Tapesearch Logo
Log in
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

ISC StormCast for Thursday, July 16th 2020

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS ISC Handlers

News, Tech News

4.9754 Ratings

🗓️ 16 July 2020

⏱️ 5 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. MSFT DNS Server Vulnerability #sigred; Outlook Patch Crashes; Oracle CPU; Cisco Backdoors

Transcript

Click on a timestamp to play from that location

0:00.0

Hello, welcome to the Thursday, July 16th, 2020 edition of the Sansonet Storm Center's Stormcast.

0:07.3

My name is Johannes Ulrich, and the time recording from Jacksonville, Florida.

0:13.2

Well, of course, CVE 2020-1350 or Cig Red, the Microsoft DNS server vulnerability is still at the top of the news,

0:24.6

even though there isn't really a lot of new information out about this vulnerability.

0:30.4

At this point, we have not seen any public exploits.

0:34.7

However, on Twitter in particular, there have been quite a few fake, even though harmless exploits. However, on Twitter in particular, there have been quite a few fake, even though

0:40.5

harmless exploits that people advertised. Now one question that often comes up is if a request

0:48.6

by itself can exploit this vulnerability, and that's a clear no, the exploit has to be delivered via a response.

0:59.0

However, it does not actually have to come from a DNS server.

1:04.4

There's a pretty interesting sort of version of this exploit that the checkpoint has demonstrated, but they actually use JavaScript

1:13.6

running inside a web browser to essentially emulate a DNS server and delivering the correct,

1:21.6

meaning the exploit response to a DNS server.

1:25.6

So this vulnerability should still be at the top of your

1:30.2

patching and remediation list. Definitely make sure you get this patched by this weekend,

1:37.0

at the very least get the workaround implemented, but may as well just patch it and get it over with.

1:45.6

We also had a special webcast today by George Orkilles to go over some of the details of

1:51.7

this vulnerability and I'll link to a recording in the show notes.

1:57.7

Well, one of the other vulnerabilities I pointed out yesterday was a remote code execution vulnerability

2:03.8

in Outlook. Sadly, it looks like the Outlook patch from Tuesday is going bad on some users. There are

2:14.7

numerous reports of Outlook crashing after applying the patch. And at this

2:20.7

point, it looks the only workaround if this is happening to you is to remove this faulty patch.

2:28.7

So only if you have the problem, only if Outlook is crashing. Take a look at the Reddit post I'll be linking to and

...

Please login to see the full transcript.

Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.

Copyright © Tapesearch 2026.