Security News > 2020 > July > Old-school security hole perfect for worms and remote hijackings found lurking in Windows Server DNS code
Microsoft on Tuesday patched a wormable hole in its Windows Server software that can be exploited remotely to completely commandeer the machine without any authorization.
Some 18 of those CVE-listed security flaws are considered critical, meaning remote code execution is possible without user interaction.
They include CVE-2020-1350, aka SIGred, a wormable remote code execution flaw in the way Windows Server handles incoming DNS requests.
"The attack vector requires very large DNS packets, so attacks cannot be conducted over UDP. Considering Windows DNS servers are usually also Domain Controllers, definitely get this patched as soon as you can."
"RemoteFX vGPU has been deprecated in Windows Server 2019 and customers are advised to use Discrete Device Assignment instead of RemoteFX vGPU. DDA was introduced in Windows Server 2016," Microsoft noted.
News URL
https://go.theregister.com/feed/www.theregister.com/2020/07/15/july_2020_patch_tuesday/
Related news
- Windows Server 2025 previews security updates without restarts (source)
- Bad apps bypass Windows security alerts for six years using newly unveiled trick (source)
- Windows 10 KB5041580 update released with 14 fixes, security updates (source)
- Windows Server August updates fix Microsoft 365 Defender issue (source)
- August Windows security update breaks dual boot on Linux systems (source)
- GitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges (source)
- Microsoft: August updates cause Windows Server boot issues, freezes (source)
- Employee arrested for locking Windows admins out of 254 servers in extortion plot (source)
- Windows 10 KB5043064 update released with 6 fixes, security updates (source)
- Microsoft fixes Windows Server performance issues from August updates (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-14 | CVE-2020-1350 | Unspecified vulnerability in Microsoft products A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests, aka 'Windows DNS Server Remote Code Execution Vulnerability'. | 10.0 |