[dns-operations] Wormable RCE in MS Windows DNS Server CVE-2020-1350

Phil Pennock Wed, 15 Jul 2020 08:09:21 -0700

For anyone whose organization has some MS Windows servers running a DNS
server, you might care about a CVSS 10.0 wormable Remote Code Execution
vulnerability:


  
https://msrc-blog.microsoft.com/2020/07/14/july-2020-security-update-cve-2020-1350-vulnerability-in-windows-domain-name-system-dns-server/

There's a registry mitigation which doesn't require server restart, and
patches available.

My sympathy to those affected (and my relief that _this_ time it's not a
Unix software stack).

-Phil
_______________________________________________
dns-operations mailing list
[email protected]
https://lists.dns-oarc.net/mailman/listinfo/dns-operations

[dns-operations] Wormable RCE in MS Windows DNS Server CVE-2020-1350

Reply via email to