overview
This week, Microsoft has addressed CVE-2023-50868, a critical denial-of-service (DoS) vulnerability in the Domain Name System Security Extensions (DNSSEC) protocol, disclosed back in February.
The vulnerability was found in the Next Secure Hash 3 (NSEC3) mechanism - allowing attackers to craft DNS packets that exhaust the DNS resolver's resources, causing it to become unresponsive. CVE-2023-50868 affects various DNS services and implementations, including Linux distributions and other major DNS resolution providers.
Due to Microsoft releasing their patch this week, unlike other vendors that released their patches a few months ago, the flaw has become a zero-day threat from their perspective. The reason for the delay is unknown, but fortunately, CVE-2023-50868 is not currently under active exploitation.
Organizations should apply the latest patches immediately and review their DNS security configurations to mitigate potential risks associated with CVE-2023-50868.
INDICATORS OF COMPROMISE (IoCs)
At this time, there are no known IoCs associated with CVE-2023-50868. Avertium remains vigilant in locating IoCs for our customers. Should any be located, Avertium will disclose them as soon as possible. For more information on how Avertium can help protect your organization, please reach out to your Avertium Service Delivery Manager or Account Executive.
SUPPORTING DOCUMENTATION