A critical exploit has recently been discovered, CVE-2020-1350.
The exploit allows an attacker on a (susceptible) Windows network to exploit the DNS service on a Windows DNS server. The exploit gives the attacker “Domain Admin” status on the network and servers. From there, the attacker more or less has totally unrestricted access to IT and network resources.
The patch is very easy, but nonetheless we would like to assure our customers that this patch was rolled out shortly after it’s discovery.
Our systems will monitor for unpatched systems constantly and alert us to their presence.