Security News > 2020 > July > Old-school security hole perfect for worms and remote hijackings found lurking in Windows Server DNS code

Microsoft on Tuesday patched a wormable hole in its Windows Server software that can be exploited remotely to completely commandeer the machine without any authorization.
Some 18 of those CVE-listed security flaws are considered critical, meaning remote code execution is possible without user interaction.
They include CVE-2020-1350, aka SIGred, a wormable remote code execution flaw in the way Windows Server handles incoming DNS requests.
"The attack vector requires very large DNS packets, so attacks cannot be conducted over UDP. Considering Windows DNS servers are usually also Domain Controllers, definitely get this patched as soon as you can."
"RemoteFX vGPU has been deprecated in Windows Server 2019 and customers are advised to use Discrete Device Assignment instead of RemoteFX vGPU. DDA was introduced in Windows Server 2016," Microsoft noted.
News URL
https://go.theregister.com/feed/www.theregister.com/2020/07/15/july_2020_patch_tuesday/
Related news
- Recent Windows Server 2025 updates cause Remote Desktop freezes (source)
- UK NCSC offers security guidance for domain and DNS registrars (source)
- WinRAR flaw bypasses Windows Mark of the Web security alerts (source)
- Microsoft fixes auth issues on Windows Server, Windows 11 24H2 (source)
- Microsoft: Windows 'inetpub' folder created by security fix, don’t delete (source)
- Microsoft: Windows Server 2025 restarts break connectivity on some DCs (source)
- Don't delete that mystery empty folder. Windows put it there as a security fix (source)
- New Windows Server emergency updates fix container launch issue (source)
- Microsoft fixes Windows Server 2025 blue screen, install issues (source)
- Windows "inetpub" security fix can be abused to block future updates (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-07-14 | CVE-2020-1350 | Unspecified vulnerability in Microsoft products A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests, aka 'Windows DNS Server Remote Code Execution Vulnerability'. | 10.0 |