Rare CVSS 10 Vulnerability Disclosed for Microsoft DNS Servers: Please Read

Be on the lookout for my typical Patch Tuesday blog tomorrow but one particularly stands out that we wanted to let you know about ASAP.

As you may have already seen, on July 14, Microsoft disclosed a vulnerability for those running Microsoft DNS servers and/or Active Directory environments, and issued a patch.

An unauthenticated attacker could send a packet to the DNS server and gain Local System access. Microsoft has listed this vulnerability as “Exploitation More Likely” and assigned it a rare CVSS score of 10.  Microsoft stated in the disclosure that they consider this a “Wormable” vulnerability, since DNS servers are available to most of the systems within a network. If you or your customers are running Microsoft DNS server, it is recommended that you either deploy the patch as soon as possible or implement the registry workaround listed in the disclosure. 

More information can be found here: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1350.

If you cannot patch immediately and wish to apply the workaround, you can use these AMP files within either SolarWinds® N-central® or RMM on your DNS servers: https://success.solarwindsmsp.com/kb/solarwinds_n-central/Microsoft-DNS-Server-CVE-2020-1350-Workaround

Stay safe out there!

 

Gill Langston is head security nerd for SolarWinds MSP. You can follow Gill on Twitter at @cybersec_nerd

Want to stay up to date?

Get the latest MSP tips, tricks, and ideas sent to your inbox each week.

Loading form....

If the form does not load in a few seconds, it is probably because your browser is using Tracking Protection. This is either an Ad Blocker plug-in or your browser is in private mode. Please allow tracking on this page to request a trial.

Note: Firefox users may see a shield icon to the left of the URL in the address bar. Click on this to disable tracking protection for this session/site