Remote code execution vulnerability in Windows DNS (CVE-2020-1350)

On 14 July 2020, Microsoft acknowledged a critical remote code execution vulnerability in Windows Domain Name System (DNS), which could allow an adversary to run arbitrary code.

Alert status

CRITICAL

The Australian Cyber Security Centre strongly recommends users apply the security patch to their Windows DNS servers to prevent an adversary from exploiting this vulnerability.

15 Jul 2020

ACSC Advisory 2020-012: Critical remote code execution vulnerability in Windows DNS server (CVE-2020-1350)