CVE-2020-1350

Name of the Vulnerable Software and Affected Versions Microsoft Windows DNS Server versions 2013 through 2019

Description A remote code execution issue exists in Windows Domain Name System servers when they fail to properly handle requests. This can be exploited by a remote attacker using a specially crafted DNS request, allowing them to execute arbitrary code. The vulnerability is also known as 'Windows DNS Server Remote Code Execution Vulnerability' and has been present for 17 years, affecting Windows DNS Servers from 2013 to 2019 editions. It is a 'wormable' bug, enabling attackers to launch malware attacks that can spread from one vulnerable computer to another without human interaction.

Recommendations For Microsoft Windows DNS Server versions 2013 through 2019, apply the patch provided by Microsoft to fix the vulnerability. At the moment, there is no information about other newer versions that contain a fix for this vulnerability.