Critical Updates – 2020 July

 Microsoft — CVE-2020-1350

This update resolves a flaw in all versions of Windows DNS Servers that would allow an attacker to gain Local System or Domain Admin privileges. This is also a wormable vulnerability, so make sure you patch all your Windows DNS Servers. Keep in mind that in most environments 99% of the Domain Controllers also run the DNS role so it is imperative that you patch your systems ASAP!

In addition, the PoC published by CheckPoint allows the ability to successfully gain Domain Admin rights when visiting a website with malicious code embedded when using Internet Explorer. The same tests did not work in either FireFox and Google Chrome as they prohibit DNS requests in this fashion.

Workaround Commands

@echo off
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters" /v "TcpReceivePacketSize" /t REG_DWORD /d 0xFF00 /f
net stop DNS && net start DNS
exit

Leave a reply:

Your email address will not be published.

Site Footer