Flash Notice: Microsoft Addresses Critical DoS Vulnerability

overview

This week, Microsoft has addressed CVE-2023-50868, a critical denial-of-service (DoS) vulnerability in the Domain Name System Security Extensions (DNSSEC) protocol, disclosed back in February. 

The vulnerability was found in the Next Secure Hash 3 (NSEC3) mechanism - allowing attackers to craft DNS packets that exhaust the DNS resolver's resources, causing it to become unresponsive. CVE-2023-50868 affects various DNS services and implementations, including Linux distributions and other major DNS resolution providers. 

Due to Microsoft releasing their patch this week, unlike other vendors that released their patches a few months ago, the flaw has become a zero-day threat from their perspective. The reason for the delay is unknown, but fortunately, CVE-2023-50868 is not currently under active exploitation.  

Organizations should apply the latest patches immediately and review their DNS security configurations to mitigate potential risks associated with CVE-2023-50868.  

avertium's recommendationS

• Please see Microsoft’s advisory for patch guidance.  

INDICATORS OF COMPROMISE (IoCs)

At this time, there are no known IoCs associated with CVE-2023-50868. Avertium remains vigilant in locating IoCs for our customers. Should any be located, Avertium will disclose them as soon as possible. For more information on how Avertium can help protect your organization, please reach out to your Avertium Service Delivery Manager or Account Executive.   

How Avertium is Protecting Our CUSTOMERS

• Fusion MXDR for Microsoft combines Avertium's Fusion MXDR approach with Microsoft Security Solutions, creating the first MDR offering that integrates all aspects of security operations into an active and threat-informed XDR solution. Leveraging Microsoft's comprehensive and cost-effective technology, Fusion MXDR for Microsoft delivers a release of cyber energy, encompassing implementation, optimization, ongoing management, and tuning. 

SUPPORTING DOCUMENTATION