About

Microsoft has released a patch for a Critical Vulnerability in the Windows DNS Service that can lead to Remote Code Execution (RCE). This is considered worm-able and can spread between devices without user interaction.

Fix

Microsoft System Matrix including patch download – https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1350

* This will require a reboot of the server

A no reboot registry workaround can be found below:

https://support.microsoft.com/en-us/help/4569509/windows-dns-server-remote-code-execution-vulnerability

* This could have a negative impact, but is unlikely in most cases according to Microsoft

Scan your external IP address range for port udp/53 to verify your internal network DNS server is not open to the internet.

Want something new to listen to?

Check out our podcast, The Unfair Fight, where you can hear industry insights from Blackpoint Cyber leadership and our special guests firsthand.