[dns-operations] Wormable RCE in MS Windows DNS Server CVE-2020-1350

Phil Pennock dnsop+phil at spodhuis.org
Wed Jul 15 14:55:27 UTC 2020

For anyone whose organization has some MS Windows servers running a DNS
server, you might care about a CVSS 10.0 wormable Remote Code Execution


There's a registry mitigation which doesn't require server restart, and
patches available.

My sympathy to those affected (and my relief that _this_ time it's not a
Unix software stack).


More information about the dns-operations mailing list