Microsoft released today an updated for CVE-2020-1350, a critical remote code execution (RCE) vulnerability. This vulnerability impacts Windows DNS Server and currently has a CVSS base score of 10. This vulnerability is considered “wormable” and has the potential to spread malware between Windows systems without user interaction. Any infrastructure running Windows DNS servers should either:
1. Apply the released patch provided by Microsoft, CVE-2020-1350 Workaround.
2. Use Microsoft provided workaround via registry edit if patching cannot occur.
This critical vulnerability needs to be taken care of as soon as possible. Please let us know if you are unable to facilitate the updated patch and our team of experts can help you.