Advisory Type: IT Security
Severity: Critical
Summary:
PDS is providing the following communication to build awareness of a critical priority vulnerability and patches in Microsoft’s DNS Server product.
On July 14, 2020 Microsoft posted advisory KB4569509: Guidance for DNS Server Vulnerability CVE-2020-1350 disclosing that a Critical Remote Code Execution vulnerability exists in the DNS Server product running on version 2003 through 2019 platforms. An attacker can obtain Domain administrator access via a heap buffer overflow exploit.
Check Point Security discovered the RCE exploit and reported the issue to Microsoft on May 19. On July 14 Microsoft issued a patch for the vulnerability and made the information public. Microsoft also published a work-around which can protect the DNS Service without the requirement for a reboot for those situations where the servers cannot be fully patched and rebooted immediately. The US Department of Homeland Security issued an Emergency Directive mandating Federal Civilian Executive Branch agencies to patch by Friday afternoon, July 17.
The Microsoft Security Update Guide article contains links to the patches for each product version.
Environments hosting public access to DNS services are most vulnerable and patching or mitigation should be made immediately.
We strongly advise customers to review the Microsoft advisory and patch information. PDS Architects are available to assist with the upgrades, your Account Director can assist in arranging support for this upgrade.