By exploiting the flaw, "a hacker [can] craft malicious DNS queries to Windows DNS servers, and achieve arbitrary code execution that could lead to the breach of the entire infrastructure,"
the team says. CVE-2020-1350 affects all Windows Server versions from 2003 to 2019. The vulnerability exists due to how Windows DNS server parses an incoming DNS query, as well as how forwarded DNS queries are handled.
Learn more >