Wednesday 15 July 2020

CVE-2020-1350 | Windows DNS Server Remote Code Execution Vulnerability (Short Temp Fix)

A DNS Security risk has been found in Windows DNS that could / will be weaponised as a worm.

Short Term Fix Until you install the patch
  DWORD = TcpReceivePacketSize 
  Value = 0xFF00

The DNS service has to be restarted.

This workaround may break some DNS request, Microsoft says that standard DNS queries "should" be ok, but recommend diagnostic logging of the DNS server before applying to confirm.

The Default (also max) Value = 0xFFFF
The Recommended Value = 0xFF00 (255 bytes less than the max)

Once you have the security patch installed you can remove the "TcpReceivePacketSize" Registry key returning it all back to default.

No comments:

Post a Comment