Helient Systems :

By Khari Turner
Managed Services Systems Analyst

On July 14, 2020, Microsoft released an update for CVE-2020-1350, a Critical Remote Code Execution (RCE) vulnerability in Windows DNS Server that is classified as a ‘wormable’ vulnerability and has a CVSS base score of 10.0 (out of 10.0).

Systems impacted:

• Windows Server 2019
• Windows Server 2019 (Server Core installation)
• Windows Server, version 1909 (Server Core installation)
• Windows Server, version 1903 (Server Core installation)
• Windows Server, version 2004 (Server Core installation)
• Windows Server 2016
• Windows Server 2016 (Server Core installation)
• Windows Server 2008 for 32-bit Systems Service Pack 2
• Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
• Windows Server 2008 for x64-based Systems Service Pack 2
• Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
• Windows Server 2008 R2 for x64-based Systems Service Pack 1
• Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
• Windows Server 2012
• Windows Server 2012 (Server Core installation)
• Windows Server 2012 R2
• Windows Server 2012 R2 (Server Core installation)

It is essential that customers apply Windows updates to address this vulnerability as soon as possible. If applying the update quickly is not practical, a registry-based workaround is available that does not require restarting the server.

Full details of the vulnerability here: https://support.microsoft.com/en-us/help/4569509/windows-dns-server-remote-code-execution-vulnerability

If you would like more information or assistance from our industry-leading team of Windows Server experts to plan and execute an action plan to address this critical vulnerability, please contact us at service@helient.com.