NLnet Labs has released an emergency patch for Unbound after researchers disclosed CVE-2025-11411, a cache‑poisoning class vulnerability that lets crafted responses carrying promiscuous NS resource record sets (RRSets) in the DNS authority section trick resolvers into updating delegation data —...
Microsoft has updated guidance in its Security Update Guide advisory ADV200013 — the advisory that covers DNS resolver spoofing and cache‑poisoning attacks — and is explicitly telling administrators that in addition to older server builds the mitigation applies to newer releases such as Windows...
1221
adv200013
dnscachepoisoningdns forwarders
dns over tcp
dns registry
dns security
edns0
firewall dns tcp
maximumudppacketsize
powershell
registry hardening
sad dns
security guidance
server core
tcp dns latency
windows dns server
windows server
windows server 2022 23h2
windows server 2025