This is so, so bad.
CVE-2020-1350 with CVSS of 10 named #SIGRed. Wormable RCE vulnerability in Windows DNS Server affecting all versions of Windows server running the DNS role. https://msrc-blog.microsoft.com/2020/07/14/july-2020-security-update-cve-2020-1350-vulnerability-in-windows-domain-name-system-dns-server/

Exploit released already - https://github.com/ZephrFish/CVE-2020-1350

#infosec #cybersecurity
The following registry modification has been identified as a workaround for this vulnerability.
HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\DNS\\Parameters
DWORD = TcpReceivePacketSize
Value = 0xFF00
 Note: A restart of the DNS Service is required to take effect.
But patch, don’t just cover up the problem.
It turns out this isn’t actually an exploit, sorry guys.

Kindly informed by the same Offsec guys who enjoy wasting people’s time and releasing exploits for critical vulnerabilities on weekends 🤷‍♂️
You can follow @blueteamblog.
Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled: