Microsoft warns of wormable vulnerability in Windows DNS Server
Windows DNS Server holds a seventeen-year-old significant vulnerability, which is named as wormable and has the most important possible risk score. Administrators should update Windows Server systems as soon as possible.
Today we released an update for CVE-2020-1350, a Critical Remote Code Execution (RCE) vulnerability in Windows DNS Server that is classified as a ‘wormable’ vulnerability and has a CVSS base score of 10.0. This issue results from a flaw in Microsoft’s DNS server role implementation and affects all Windows Server versions. Non-Microsoft DNS Servers are not affected.
Wormable vulnerabilities have the potential to spread via malware between vulnerable computers without user interaction. Windows DNS Server is a core networking component. While this vulnerability is not currently known to be used in active attacks, it is essential that customers apply Windows updates to address this vulnerability as soon as possible.
If applying the update quickly is not practical, a registry-based workaround is available that does not require restarting the server. The update and the workaround are both detailed in CVE-2020-1350.
Customers with automatic updates turned on do not need to take any additional action.
Microsoft Details Its Velocity Architecture Behind the Xbox Series X: - 07/14/2020 07:36 PM
Xbox Velocity Architecture, what a catchy marketing phrase, Microsoft is giving you a closer look at the next-gen tech driving gaming innovation Forward on Xbox Series X. ...
Microsoft Flight Simulator will be released for PC on August 18 in three versions - 07/14/2020 09:01 AM
The much-anticipated Flight Simulator from Microsoft will see a release on August 18 for Windows 10. The Standard Edition is available via the Game Pass subscription or sold separately for 70 euros. E...
Warner Bros. gaming division for sale (Update: Microsoft going for it) - 07/07/2020 08:24 AM
And the current companies interested in buying WB games are Take-Two, EA and Activision Blizzard, a deal that may be worth around $4 billion chatter indicates...
Microsoft Silently Patches two Windows 10 Codec Vulnerabilities - 07/05/2020 05:15 PM
Microsoft bumped into a twofold of issues in two codecs from the Windows Codecs Library, which were found to be vulnerable to systems running Windows 10 and Windows Server 2019....
Advertorial: Microsoft licenses for less than 13usd: offers at URcdkey - 07/03/2020 08:44 AM
Return our usual appointment with URcdkey offers, through which we will have the opportunity to save quite interesting sums on the software essential for our PCs. On the other hand, we are in summer, ...
Senior Member
Posts: 12767
Joined: 2003-05-11
Im sure this got plugged in yesterdays security updates, along with the other 100+

Senior Member
Posts: 4398
Joined: 2008-03-03
heres teh workaround...
Microsoft recommends removing the workaround after patches have been applied.
i guess im in the clear, since im NOT USING the windows DNS Service (its disabled here) :p
DNSCryptProxy all the way baby...

still, i shall update my system tonight....
Senior Member
Posts: 6751
Joined: 2008-03-06
SigRED
Senior Member
Posts: 1010
Joined: 2008-07-10
He's vulnerable, get 'em boys!

Posts: 6073
Joined: 2011-01-02
Ah yes, Windows. A black box full of surprises!