On July 14, 2020, Microsoft released a security update to correct a Critical Remote Code Execution (RCE) vulnerability in the Windows DNS Server that is classified as a ‘wormable’ vulnerability. As described by Microsoft’s Security Response Center:

“Wormable vulnerabilities have the potential to spread via malware between vulnerable computers without user interaction. Windows DNS Server is a core networking component. While this vulnerability is not currently known to be used in active attacks, it is essential that customers apply Windows updates to address this vulnerability as soon as possible.”

If unable to apply the update quickly, however, there is a workaround that does not require restarting the server, but it should be noted that after the workaround is implemented, a Windows DNS server won’t be able to resolve DNS names for its clients if the response from the upstream server is larger than 65,280 bytes.

Please be aware, Microsoft DNS Server users with automatic updates turned on or BeCloud's ManagedIT services do not need to take any additional action.

BeCloud is committed to keeping its customers informed about cybersecurity and making sure their devices remain protected through BeCloud’s SecureIT services.