CATEGORIES
home News

Microsoft's Patch Tuesday Onslaught Includes Fix For 17-Year-Old Wormable DNS Exploit

by Shane McGlaunWednesday, July 15, 2020, 09:12 AM EDT
server rack

Microsoft's July 2020 Patch Tuesday release has fixes for over 120 security vulnerabilities found in a dozen of its software products. This is typically the case with Patch Tuesday releases, but there is one vulnerability in particular that you should pay close attention to.

Microsoft has announced that it released an update for a Critical Remote Code Execution vulnerability in Windows DNS server. The vulnerability is known as CVE-2020-1350 and is classified as a wormable vulnerability with a CVSS base score of 10.0. A CVSS base score of 7.0 to 10.0 is considered high severity. Microsoft has a security update available to mitigate the vulnerability.


CVE-2020-1350 is a remote code execution vulnerability that exists in Windows DNS servers when they fail to handle requests properly. Microsoft says that attackers who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account. All Windows servers configured as DNS servers are at risk for the vulnerability, which could be exploited by an unauthenticated attacker sending malicious requests to the server.

Microsoft says that the security update it has published addresses the vulnerability by modifying how Windows DNS servers handle requests. Anyone who operates a Windows DNS server should download the security update appropriate to their Windows Server build immediately. Wormable vulnerabilities such as this have the potential to spread between vulnerable computers without any user interaction.

Microsoft says that the vulnerability isn't known to be used in active attacks. However, Microsoft is clear that all customers should apply the update to address the vulnerability as soon as possible. Those with automatic updates turned on will have the update applied automatically. Anyone in an environment who is unable to apply the security update right away can use a Microsoft supplied workaround until they can apply the update. The workaround involves a registry modification:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters
DWORD = TcpReceivePacketSize
Value = 0xFF00

Microsoft has faced significant issues with some of its updates in recent months. Recently, Microsoft began to block the May 2020 update for Windows 10 from being rolled out automatically to all Windows users as a way to try and prevent the significant issues that happened with the October 2018 update from happening all over again.

Tags:  Microsoft, Update, (nasdaq:msft), windows-server
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment