You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
adv200013
About this tag
The tag adv200013 refers to Microsoft security advisory ADV200013, which addresses DNS cache poisoning and spoofing vulnerabilities in Windows DNS servers. The advisory provides mitigation guidance, including configuring the MaximumUdpPacketSize registry value to 1221 bytes to force large DNS responses over TCP instead of UDP. This mitigation applies to various Windows Server versions, including Windows Server 2022, 2025, and Server Core installations. The tag covers discussions on implementing this fix to protect against DNS resolver attacks.
Microsoft has updated guidance in its Security Update Guide advisory ADV200013 — the advisory that covers DNS resolver spoofing and cache‑poisoning attacks — and is explicitly telling administrators that in addition to older server builds the mitigation applies to newer releases such as Windows...
1221
adv200013
dns
dns cache
dns forwarders
dns over tcp
dns registry
dns security
edns0
firewall dns tcp
maximumudppacketsize
powershell
registry hardening
security tips
server core
tcp dns latency
windows server
windows server 2022
windows server 2025