MS11-058 - Critical : Vulnerabilities in DNS Server Could Allow Remote Code Execution (2562485) - Ve

News

Extraordinary Robot
News Feed
#1
Severity Rating: Critical
Revision Note: V1.2 (October 25, 2011): Announced a change to detection logic and corrected bulletin replacement information for some affected configurations. There were no changes to the security update files. See the Update FAQ for details.
Summary: This security update resolves two privately reported vulnerabilities in Windows DNS server. The more severe of these vulnerabilities could allow remote code execution if an attacker registers a domain, creates an NAPTR DNS resource record, and then sends a specially crafted NAPTR query to the target DNS server. Servers that do not have the DNS role enabled are not at risk.

More...
 


This website is not affiliated, owned, or endorsed by Microsoft Corporation. It is a member of the Microsoft Partner Program.