Microsoft Patches Wormable RCE Flaw in Windows DNS Servers
Microsoft’s July Patch Tuesday updates include a fix for a critical vulnerability in Windows DNS servers, which threat actors are likely to exploit on systems left unpatched. The updates include over 100 fixes for bugs of varying severity. The most critical, CVE-2020-1350, is a wormable remote code execution vulnerability that affects Windows Server versions from 2003 to 2019. According to Check Point researchers, who discovered the flaw, the likelihood of exploitation is high.
The Windows Domain Name System Server, an essential component of a Windows domain, could be compromised through the vulnerability, allowing an attacker to run arbitrary code in the context of the Local System account. The vulnerability has a CVSS base score of 10. Because the vulnerability is wormable, an attack could potentially spread across DNS servers without user interaction. Although no exploitation of the bug has been observed yet, Microsoft rated its exploitability as 1, meaning exploitation is likely.