Microsoft released a security bulletin today detailing a remote code execution (RCE) vulnerability, CVE-2020-1350, in all known Windows DNS Servers, with a base CVSS score of 10.0.
Datashield recommends patching any public-facing Windows DNS servers immediately. If patching isn’t possible, implementing the temporary workaround outlined by Microsoft would mitigate the concern until a patch can be scheduled.
We also recommend patching internal Windows DNS servers: once a PoC is published, this will be a common avenue for lateral movement in Windows environments for malware and penetration testers alike.
Our content team will be developing an alert for this CVE for future detections.
Microsoft Article: https://msrc-blog.microsoft.com/2020/07/14/july-2020-security-update-cve-2020-1350-vulnerability-in-windows-domain-name-system-dns-server
Workaround and Mitigations: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1350
If you have any questions regarding this vulnerability, please contact us.