Review: Galax HOF OC Lab DDR4-4400 16 GB
Guru3D Thermal Paste Roundup - Round 2 (2021)
ClockTuner v2.1 for Ryzen (CTR) Guide
TRENDnet 5-port Unmanaged 2.5G Switch review
Powercolor RX 6700 XT Hellhound Spectral White review
Resident Evil Village: PC graphics performance benchmark review
Enermax LIQMAX III aRGB 240mm review
PCIe Resizable BAR Performance AMD and NVIDIA benchmarks
Guru3D Rig of the Month - April 2021
Intel Core i7 11700KF processor review
Microsoft warns of wormable vulnerability in Windows DNS Server
Windows DNS Server holds a seventeen-year-old significant vulnerability, which is named as wormable and has the most important possible risk score. Administrators should update Windows Server systems as soon as possible.
Today we released an update for CVE-2020-1350, a Critical Remote Code Execution (RCE) vulnerability in Windows DNS Server that is classified as a ‘wormable’ vulnerability and has a CVSS base score of 10.0. This issue results from a flaw in Microsoft’s DNS server role implementation and affects all Windows Server versions. Non-Microsoft DNS Servers are not affected.
Wormable vulnerabilities have the potential to spread via malware between vulnerable computers without user interaction. Windows DNS Server is a core networking component. While this vulnerability is not currently known to be used in active attacks, it is essential that customers apply Windows updates to address this vulnerability as soon as possible.
If applying the update quickly is not practical, a registry-based workaround is available that does not require restarting the server. The update and the workaround are both detailed in CVE-2020-1350.
Customers with automatic updates turned on do not need to take any additional action.
Microsoft Details Its Velocity Architecture Behind the Xbox Series X: - 07/14/2020 07:36 PM
Xbox Velocity Architecture, what a catchy marketing phrase, Microsoft is giving you a closer look at the next-gen tech driving gaming innovation Forward on Xbox Series X. ...
Microsoft Flight Simulator will be released for PC on August 18 in three versions - 07/14/2020 09:01 AM
The much-anticipated Flight Simulator from Microsoft will see a release on August 18 for Windows 10. The Standard Edition is available via the Game Pass subscription or sold separately for 70 euros. E...
Warner Bros. gaming division for sale (Update: Microsoft going for it) - 07/07/2020 08:24 AM
And the current companies interested in buying WB games are Take-Two, EA and Activision Blizzard, a deal that may be worth around $4 billion chatter indicates...
Microsoft Silently Patches two Windows 10 Codec Vulnerabilities - 07/05/2020 05:15 PM
Microsoft bumped into a twofold of issues in two codecs from the Windows Codecs Library, which were found to be vulnerable to systems running Windows 10 and Windows Server 2019....
Advertorial: Microsoft licenses for less than 13usd: offers at URcdkey - 07/03/2020 08:44 AM
Return our usual appointment with URcdkey offers, through which we will have the opportunity to save quite interesting sums on the software essential for our PCs. On the other hand, we are in summer, ...
Rich_Guy
Senior Member
Posts: 12658
Joined: 2003-05-11
Senior Member
Posts: 12658
Joined: 2003-05-11
#5809311 Posted on: 07/15/2020 04:23 PM
Im sure this got plugged in yesterdays security updates, along with the other 100+
Im sure this got plugged in yesterdays security updates, along with the other 100+
BetA
Senior Member
Posts: 4351
Joined: 2008-03-03
Senior Member
Posts: 4351
Joined: 2008-03-03
#5809334 Posted on: 07/15/2020 05:06 PM
heres teh workaround...
i guess im in the clear, since im NOT USING the windows DNS Service (its disabled here) :p
DNSCryptProxy all the way baby...
still, i shall update my system tonight....
heres teh workaround...
If applying these patches is not currently feasible, Microsoft provided a workaround
via a Windows registry modification:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters
DWORD = TcpReceivePacketSize
Value = 0xFF00
In order for these changes to take effect, the DNS Service must be restarted.
Microsoft recommends removing the workaround after patches have been applied.
Microsoft recommends removing the workaround after patches have been applied.
i guess im in the clear, since im NOT USING the windows DNS Service (its disabled here) :p
DNSCryptProxy all the way baby...
still, i shall update my system tonight....
anticupidon
Senior Member
Posts: 5843
Joined: 2008-03-06
Senior Member
Posts: 5843
Joined: 2008-03-06
#5809670 Posted on: 07/16/2020 02:52 PM
SigRED
SigRED
Mda400
Senior Member
Posts: 927
Joined: 2008-07-10
Senior Member
Posts: 927
Joined: 2008-07-10
#5809798 Posted on: 07/16/2020 08:39 PM
He's vulnerable, get 'em boys!
I disabled Windows Update a long time ago. It is useless because Windows is never secured at any point of its life. I use Windows only for gaming, don't keep any personal info on it or do anything else. I format it every month anyways.
He's vulnerable, get 'em boys!
Click here to post a comment for this news story on the message forum.
Posts: 6073
Joined: 2011-01-02
Ah yes, Windows. A black box full of surprises!