Today is July 2020 Patch Tuesday, and Microsoft has released updates/fixes for multiple vulnerabilities. One of them is a critical vulnerability with a CVSS score of 10.
What is the issue?
Windows DNS Server Remote Code Execution Vulnerability (CVE-2020-1350)
Microsoft released an update for CVE-2020-1350, a Critical Remote Code Execution (RCE) vulnerability in Windows DNS Server that is classified as a ‘wormable’ vulnerability and has a CVSS base score of 10.0. This issue results from a flaw in Microsoft’s DNS server role implementation and affects all Windows Server versions. Non-Microsoft DNS Servers are not affected.
What can you do to protect yourself?
According to Microsoft, this vulnerability is not currently known to be used in active attacks. It is essential that customers apply Windows updates to address this vulnerability as soon as possible. If applying the update quickly is not practical, a registry-based workaround is available that does not require restarting the server.
It is important to have updated security software and the latest software patches applied to the endpoints. As always, avoid opening suspicious emails containing attachments or links that come from any unknown sources. And disable macros in Office programs. Do not enable them unless it is essential to do so.
Zscaler ThreatLabZ has added detection signatures for exploitation of this vulnerability through our Advanced Cloud Firewall protection.
Details related to these threat signatures can be found in the Zscaler Threat Library.