Introduction. On July 14, 2020, Microsoft released a security update for the issue that is described in CVE-2020-1350 | Windows DNS Server Remote Code Execution Vulnerability. This advisory describes a Critical Remote Code Execution (RCE) vulnerability that affects Windows servers that are configured to run the DNS Server role.

A denial of service vulnerability exists in Windows DNS Server if the server is configured to answer version queries. An attacker who successfully exploits this vulnerability could cause the DNS Server service to become unresponsive. To learn more about the vulnerability, go to the Security Update Guide.

INTRODUCTION. Microsoft has released security bulletin MS08-037. To view the complete security bulletin, visit one of the following Microsoft Web sites: Home users: http://www.microsoft.com/protect/computer/updates/bulletins/200807.mspx Skip the details: Download the updates for your home computer or laptop from the Microsoft Update Web site now:

This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sends specially crafted requests to a DNS server. To learn more about the vulnerability, see Microsoft Security Bulletin MS16-071.

When a Windows Server 2012 R2-based DNS server is enabled for domain name system security extensions (DNSSEC) validation, the DNS server may not always resolve some DNSSEC-signed zones. For example, when the DNS server receives a request to resolve a host name in a DNSSEC-signed zone, the DNS server returns a SERVFAIL error to the client.

Summary. A denial of service vulnerability exists in the Windows Domain Name System (DNS) DNSAPI.dll when it fails to properly handle DNS responses. To learn more about the vulnerability, go to CVE-2018-8304. More Information. Important. If you install a language pack after you install this update, you must reinstall this update.

Workaround. To avoid this issue, identify and remove the "@" CNAME record that is causing the issue from the misconfigured zone before you install security update 2647170. To help identify problematic zones, run the following sample PowerShell script. PowerShell is installed by default in Windows Server 2008 R2.

Fixes a memory leak that occurs when you perform Zone Transfer operations for lots of zones on a DNS server that is running Windows Server 2008 R2. When this issue occurs, all running applications and services stop responding.

Describes an issue in which a DNS server that has hotfix 2550719 installed responds slowly to DNS queries, or the DNS service crashes.

Summary. This update provides the following functionality on Windows DNS servers: Query logging to enable statistics, billing, troubleshooting, and diagnostics. Change auditing. Resolution. Hotfix information. A supported hotfix is available from Microsoft Support.