Original release date: July 16, 2020
The Cybersecurity and Infrastructure Security Agency (CISA) has released Emergency Directive 20-03 addressing a critical vulnerability—CVE-2020-1350—affecting all versions of Windows Server with the Domain Name System (DNS) role enabled. A remote attacker could exploit this vulnerability to take control of an affected system. This vulnerability is considered “wormable” because malware exploiting it on a system could, without user interaction, propagate to other vulnerable systems.
Although Emergency Directive 20-03 applies only to certain Executive Branch departments and agencies, CISA strongly recommends state and local governments, the private sector, and others patch this critical vulnerability as soon as possible. Review the following resources for more information:
This product is provided subject to this Notification and this Privacy & Use policy.
Systems Affected Continuing Threats to Home Users View Previous Alerts Alert (SA04-079A) Continuing Threats…
Systems Affected Microsoft Windows systems Overview A cross-domain vulnerability in the Outlook…
Systems Affected Systems running Microsoft Windows Overview There are multiple vulnerabilities in…
Systems Affected Microsoft Windows Operating Systems Microsoft Windows Remote Procedure Call (RPC) and Distributed…
Systems Affected Cisco routers and switches running vulnerable versions of IOS. Vulnerable IOS versions known…
Systems Affected Systems that rely on persistent TCP connections, for example routers supporting BGP Overview…
This website uses cookies.