
Rare CVSS 10 Vulnerability Disclosed for Microsoft DNS Servers


With the many and varied vulnerabilities to assess on Patch Tuesday, we wanted to take a few moments to highlight a particularly dangerous one. If you have missed the chatter online about this vulnerability, the technical details are here:

On July 14th, Microsoft disclosed a vulnerability for those running Microsoft DNS servers and/or Active Directory environments, and issued a patch.

An unauthenticated attacker could send a packet to the DNS server and gain Local System access. Microsoft has listed this vulnerability as “Exploitation More Likely” and assigned it a rare CVSS score of 10. Microsoft stated in the disclosure that they consider this a “Wormable” vulnerability, since DNS servers are available to most of the systems within a network. If you are running a Microsoft DNS server, it is recommended that you either deploy the patch as soon as possible or implement the registry workaround listed in the disclosure. More information can be found at https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1350.

The rare rating means Microsoft is certainly taking it seriously, and so should you. If this patch wasn't considered for your maintenance window this Patch Tuesday, we recommend you get the attention of whoever is needed to approve it ASAP.

Spread the word and look out for your fellow IT Pros. The world is feeling extra vulnerable right now (at least to me), so we can all use a little extra help keeping it safe.

1 Comment

That was a gnarly one. Thanks for raising awareness across the boards here as well. This was one of those few cases where we patched our DNS servers on the same night that the CVE was announced.