Business

News

 
More...

Alerts

 
More...

Events

 
More...
 
     
 

Vulnerability in Microsoft Windows Server

 

Systems Affected


Windows servers running the DNS server on any of the below versions:
 Windows Server 2003, 2008, 2012, 2016, 2019
 Windows Server versions 1903,1909,2004

Threat Level


Medium


Overview


Remote code execution vulnerability (CVE‐2020‐1350) resides in Windows Domain Name System (DNS) servers. Vulnerability allows an attacker to run arbitrary codes in the Local System context.


Description


This vulnerability resides in windows servers with the DNS role, including Domain Controllers and the systems are vulnerable until updates are applied. Vulnerability allows an unauthenticated attacker to send maliciously crafted DNS queries to a vulnerable Windows DNS server and execute arbitrary codes. A successful compromise to a single computer in a network might affect other devices in the same network. It can spread from one vulnerable computer to another without any human interaction. Finally, this will enable attacker to gain full control over the system.


Impact


  ✻  Possibility of exposing confidential information to unauthorized parties
  ✻  Possibility of losing control of the entire network
  ✻  Disruption to your day to day operations


Solution/ Workarounds


Apply the latest patch for this vulnerability released by Microsoft. Security patch is available for Windows server 2008 onwards.
Note ‐ Windows Servers 2003 is no longer supported and does not have a patch.
Microsoft has issued guidelines on how to mitigate the vulnerability just by editing registry keys. Refer the link below.
 https://support.microsoft.com/en-us/help/4569509/windows-dns-server-remote-code-execution-vulnerability


References


  ✻  https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1350
  ✻  https://www.cert.govt.nz


Disclaimer


The information provided herein is on "as is" basis, without warranty of any kind.


 
     

© Copyright Sri Lanka CERT|CC. All Rights Reserved.