Discuz! Board

 Forgot password?
 Register
Search
View: 4243|Reply: 1

Microsoft warns of major vulnerabilities in Windows DNS server,are you ok ?

[Copy link]

61

Threads

100

Posts

365

Credits

Moderator

Rank: 7Rank: 7Rank: 7

Credits
365
Post time 2020-07-15 11:33:42 | Show all posts |Read mode
Researchers at Check Point discovered a security vulnerability in Windows DNS and reported it to Microsoft in May. If the patch is not applied, it will make the Windows server vulnerable to attacks, but Microsoft pointed out that there is no evidence of this flaw being used.



The original text is as follows:


July 2020 Security Update: CVE-2020-1350 Vulnerability in Windows Domain Name System (DNS) Server


MSRC / By MSRC Team / July 14, 2020 / DNS, MSRC, Windows, Worm


Today we released an update for CVE-2020-1350, a Critical Remote Code Execution (RCE) vulnerability in Windows DNS Server that is classified as a ‘wormable’ vulnerability and has a CVSS base score of 10.0. This issue results from a flaw in Microsoft’s DNS server role implementation and affects all Windows Server versions. Non-Microsoft DNS Servers are not affected.


Wormable vulnerabilities have the potential to spread via malware between vulnerable computers without user interaction. Windows DNS Server is a core networking component. While this vulnerability is not currently known to be used in active attacks, it is essential that customers apply Windows updates to address this vulnerability as soon as possible.


If applying the update quickly is not practical, a registry-based workaround is available that does not require restarting the server. The update and the workaround are both detailed in CVE-2020-1350.


Customers with automatic updates turned on do not need to take any additional action. 


– Mechele Gruhn, Principal Security PM Manager, MSRC 


Share


news form
https://msrc-blog.microsoft.com/2020/07/14/july-2020-security-update-cve-2020-1350-vulnerability-in-windows-domain-name-system-dns-server/?ranMID=24542&ranEAID=dquE8U2QoAw&ranSiteID=dquE8U2QoAw-aJVVgzfyt6xIWgDqG3PfGA&epi=dquE8U2QoAw-aJVVgzfyt6xIWgDqG3PfGA&irgwc=1&OCID=AID2000142_aff_7593_1243925&tduid=%28ir__uh2citdjpokftx3qkk0sohzz0e2xi1ww2rlxzypf00%29%287593%29%281243925%29%28dquE8U2QoAw-aJVVgzfyt6xIWgDqG3PfGA%29%28%29&irclickid=_uh2citdjpokftx3qkk0sohzz0e2xi1ww2rlxzypf00

This post contains more resources

You have to Login for download or view attachment(s). No Account? Register

x
Reply

Use magic Report

0

Threads

1

Posts

4

Credits

Newbie

Rank: 1

Credits
4
Post time 2020-07-25 05:28:46 | Show all posts
Microsoft always has been a non secure system, the best option is linux.
Reply

Use magic Report

You have to log in before you can reply Login | Register

Points Rules

Dark room|DiscuzX

2020-08-13 13:25 GMT+8 , Processed in 0.039094 second(s), 23 queries .

Powered by Discuz! X3.4

Copyright © 2001-2020, Tencent Cloud.

Quick Reply To Top Return to the list