CISA Releases Emergency Directive on Critical Microsoft Vulnerability

Original release date: July 16, 2020

The Cybersecurity and Infrastructure Security Agency (CISA) has released Emergency Directive 20-03 addressing a critical vulnerability—CVE-2020-1350—affecting all versions of Windows Server with the Domain Name System (DNS) role enabled. A remote attacker could exploit this vulnerability to take control of an affected system. This vulnerability is considered “wormable” because malware exploiting it on a system could, without user interaction, propagate to other vulnerable systems.

Although Emergency Directive 20-03 applies only to certain Executive Branch departments and agencies, CISA strongly recommends state and local governments, the private sector, and others patch this critical vulnerability as soon as possible. Review the following resources for more information:

CISA Emergency Directive 20-03: Mitigate Windows DNS Server Remote Code Execution Vulnerability from July 2020 Patch Tuesday
CISA Blog on Emergency Directive (ED 20-03) Windows DNS Server Vulnerability
Microsoft Security Vulnerability Information for CVE-2020-1350
Microsoft Security Blog Post: CVE-2020-1350 Vulnerability in Windows DNS Server

This product is provided subject to this Notification and this Privacy & Use policy.

Source link

admin

Next Microsoft Releases Security Update for Edge »

Previous « Cisco Releases Security Updates for Multiple Products

This website uses cookies.

CISA Releases Emergency Directive on Critical Microsoft Vulnerability

Recent Posts

CISA Releases Nine Industrial Control Systems Advisories

CISA Releases Six Industrial Control Systems Advisories

CISA Adds Four Known Exploited Vulnerabilities to Catalog

Joint Advisory Issued on Protecting Against Interlock Ransomware

CISA Adds One Known Exploited Vulnerability, CVE-2025-53770 “ToolShell,” to Catalog

Microsoft Releases Guidance on Exploitation of SharePoint Vulnerability (CVE-2025-53770)