Critical Microsoft DNS Server Vulnerability CVE-2020-1350

About

Microsoft has released a patch for a Critical Vulnerability in the Windows DNS Service that can lead to Remote Code Execution (RCE). This is considered worm-able and can spread between devices without user interaction.  

Fix

Microsoft System Matrix including patch download – https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1350 

* This will require a reboot of the server 

A no reboot registry workaround can be found below:  

https://support.microsoft.com/en-us/help/4569509/windows-dns-server-remote-code-execution-vulnerability

* This could have a negative impact, but is unlikely in most cases according to Microsoft 

Scan your external IP address range for port udp/53 to verify your internal network DNS server is not open to the internet.

BlackPoint Cyber

Add comment