Microsoft has released a patch for a Critical Vulnerability in the Windows DNS Service that can lead to Remote Code Execution (RCE). This is considered worm-able and can spread between devices without user interaction.
Microsoft System Matrix including patch download – https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1350
* This will require a reboot of the server
A no reboot registry workaround can be found below:
* This could have a negative impact, but is unlikely in most cases according to Microsoft
Scan your external IP address range for port udp/53 to verify your internal network DNS server is not open to the internet.