Gigabyte B550 Aorus Pro review
Asus ROG Strix XG27UQ review
be quiet! Pure Rock 2 review
Fractal Design Define 7 Compact review
Lian Li Galahad 360 liquid cooler review
Guru3D Rig of the Month - July 2020
Patriot Viper Steel DDR4 3600 MHz (64GB) review
Red Dead Redemption 2: PC graphics benchmark review (revisited)
Kioxia Exceria 960 GB SATA3 SSD review
HP Portable P500 1TB Portable USB3 SSD review
Microsoft warns of wormable vulnerability in Windows DNS Server
Windows DNS Server holds a seventeen-year-old significant vulnerability, which is named as wormable and has the most important possible risk score. Administrators should update Windows Server systems as soon as possible.
Today we released an update for CVE-2020-1350, a Critical Remote Code Execution (RCE) vulnerability in Windows DNS Server that is classified as a ‘wormable’ vulnerability and has a CVSS base score of 10.0. This issue results from a flaw in Microsoft’s DNS server role implementation and affects all Windows Server versions. Non-Microsoft DNS Servers are not affected.
Wormable vulnerabilities have the potential to spread via malware between vulnerable computers without user interaction. Windows DNS Server is a core networking component. While this vulnerability is not currently known to be used in active attacks, it is essential that customers apply Windows updates to address this vulnerability as soon as possible.
If applying the update quickly is not practical, a registry-based workaround is available that does not require restarting the server. The update and the workaround are both detailed in CVE-2020-1350.
Customers with automatic updates turned on do not need to take any additional action.
Microsoft Details Its Velocity Architecture Behind the Xbox Series X: - 07/14/2020 07:36 PM
Xbox Velocity Architecture, what a catchy marketing phrase, Microsoft is giving you a closer look at the next-gen tech driving gaming innovation Forward on Xbox Series X. ...
Microsoft Flight Simulator will be released for PC on August 18 in three versions - 07/14/2020 09:01 AM
The much-anticipated Flight Simulator from Microsoft will see a release on August 18 for Windows 10. The Standard Edition is available via the Game Pass subscription or sold separately for 70 euros. E...
Warner Bros. gaming division for sale (Update: Microsoft going for it) - 07/07/2020 08:24 AM
And the current companies interested in buying WB games are Take-Two, EA and Activision Blizzard, a deal that may be worth around $4 billion chatter indicates...
Microsoft Silently Patches two Windows 10 Codec Vulnerabilities - 07/05/2020 05:15 PM
Microsoft bumped into a twofold of issues in two codecs from the Windows Codecs Library, which were found to be vulnerable to systems running Windows 10 and Windows Server 2019....
Advertorial: Microsoft licenses for less than 13usd: offers at URcdkey - 07/03/2020 08:44 AM
Return our usual appointment with URcdkey offers, through which we will have the opportunity to save quite interesting sums on the software essential for our PCs. On the other hand, we are in summer, ...
Rich_Guy
Senior Member
Posts: 12547
Joined: 2003-05-11
Senior Member
Posts: 12547
Joined: 2003-05-11
#5809311 Posted on: 07/15/2020 04:23 PM
Im sure this got plugged in yesterdays security updates, along with the other 100+
Im sure this got plugged in yesterdays security updates, along with the other 100+
BetA
Senior Member
Posts: 4307
Joined: 2008-03-03
Senior Member
Posts: 4307
Joined: 2008-03-03
#5809334 Posted on: 07/15/2020 05:06 PM
heres teh workaround...
i guess im in the clear, since im NOT USING the windows DNS Service (its disabled here) :p
DNSCryptProxy all the way baby...
still, i shall update my system tonight....
heres teh workaround...
If applying these patches is not currently feasible, Microsoft provided a workaround
via a Windows registry modification:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters
DWORD = TcpReceivePacketSize
Value = 0xFF00
In order for these changes to take effect, the DNS Service must be restarted.
Microsoft recommends removing the workaround after patches have been applied.
Microsoft recommends removing the workaround after patches have been applied.
i guess im in the clear, since im NOT USING the windows DNS Service (its disabled here) :p
DNSCryptProxy all the way baby...
still, i shall update my system tonight....
karma777police
Senior Member
Posts: 190
Joined: 2018-08-17
Senior Member
Posts: 190
Joined: 2018-08-17
#5809668 Posted on: 07/16/2020 02:45 PM
I disabled Windows Update a long time ago. It is useless because Windows is never secured at any point of its life. I use Windows only for gaming, don't keep any personal info on it or do anything else. I format it every month anyways.
I disabled Windows Update a long time ago. It is useless because Windows is never secured at any point of its life. I use Windows only for gaming, don't keep any personal info on it or do anything else. I format it every month anyways.
anticupidon
Senior Member
Posts: 5043
Joined: 2008-03-06
Senior Member
Posts: 5043
Joined: 2008-03-06
#5809670 Posted on: 07/16/2020 02:52 PM
SigRED
SigRED
Click here to post a comment for this news story on the message forum.
Posts: 6072
Joined: 2011-01-02
Ah yes, Windows. A black box full of surprises!