Technology

#Microsoft has patched a critical ‘wormable’ vulnerability in Windows DNS Server

Table of Contents

#Microsoft has patched a critical ‘wormable’ vulnerability in Windows DNS Server

Microsoft has announced a new patch that resolves a critical vulnerability in Windows DNS Server that is classified as a ‘wormable’ vulnerability and has a CVSS base score of 10.0.

RECOMMENDED: Click here to fix Windows errors and optimize system performance

Cloud Network Banner

Wormable vulnerabilities have the potential to spread via malware between vulnerable computers without user interaction. Windows DNS Server is a core networking component. While this vulnerability is not currently known to be used in active attacks, it is essential that customers apply Windows updates to address this vulnerability as soon as possible.

The patched vulnerability, CVE-2020-1350, is described by Microsoft as follows.

A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account. Windows servers that are configured as DNS servers are at risk from this vulnerability.

To exploit the vulnerability, an unauthenticated attacker could send malicious requests to a Windows DNS server.

The update addresses the vulnerability by modifying how Windows DNS servers handle requests.

Customers with automatic updates turned on do not need to take any additional action, says Microsoft. The listed patches will fix it when installed.

If the update is not accessible, it is possible to mitigate the vulnerability with a Registry tweak.

To work around this vulnerability,

Make the following registry change to restrict the size of the largest inbound TCP-based DNS response packet allowed:

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesDNSParameters

TcpReceivePacketSize

Value = 0xFF00

Note You must restart the DNS Service for the registry change to take effect.

  • The Default (also max) Value = 0xFFFF
  • The Recommended Value = 0xFF00 (255 bytes less than the max)

After the workaround is implemented, a Windows DNS server will be unable to resolve DNS names for its clients when the DNS response from the upstream server is larger than 65280 bytes.

RECOMMENDED: Click here to fix Windows errors and optimize system performance

If you want to read more like this article, you can visit our Technology category.

if you want to watch Movies or Tv Shows go to Dizi.BuradaBiliyorum.Com for forums sites go to Forum.BuradaBiliyorum.Com

Source

Tags

Related Articles

#Every Microsoft Windows Logo From 1985 to 2022

#Every Microsoft Windows Logo From 1985 to 2022

#Compact & Cute Lamp That Fits All Environments Is A Miniaturized Version Of A 1970s Lamp

#Compact & Cute Lamp That Fits All Environments Is A Miniaturized Version Of A 1970s Lamp

#This collection of biodegradable Christmas decor was designed to combat the waste produced during the holidays!

#Plex Will Turn Your Raspberry Pi Into a DIY Chromecast Audio

#Plex Will Turn Your Raspberry Pi Into a DIY Chromecast Audio

Leave a Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button
Close

Please allow ads on our site

Please consider supporting us by disabling your ad blocker!