With the many and varied vulnerabilities to assess on Patch Tuesday, we wanted to take a few moments to highlight a particularly dangerous one. If you have missed the chatter online about this vulnerability, the technical details are here:
On July 14th, Microsoft disclosed a vulnerability for those running Microsoft DNS servers and/or Active Directory environments, and issued a patch.
An unauthenticated attacker could send a packet to the DNS server and gain Local System access. Microsoft has listed this vulnerability as “Exploitation More Likely” and assigned it a rare CVSS score of 10. Microsoft stated in the disclosure that they consider this a “Wormable” vulnerability, since DNS servers are available to most of the systems within a network. If you are running Microsoft DNS server, it is recommended that you either deploy the patch as soon as possible or implement the registry workaround listed in the disclosure. More information can be found at https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1350.
The rare rating means Microsoft is certainly taking it seriously, and so should you. If this patch wasn't considered for your maintenance window this Patch Tuesday, we recommend you get the attention of whomever is needed to approve it ASAP.
Spread the word and look out for your fellow IT Pros. The world is feeling extra vulnerable right now (at least to me) so we can all use a little extra help keeping it safe.