Microsoft Released July 2020 Security Update

July 2020 Security Update addresses CVE-2020-1350, which is a Critical Remote Code Execution (RCE) vulnerability.

Recently, Microsoft released July 2020 Security Update, which covers an update for CVE-2020-1350, which is a Critical Remote Code Execution (RCE) vulnerability in Windows DNS Server that is classified as a ‘wormable’ vulnerability and has a CVSS base score of 10.0.
 
According to Microsoft, this vulnerability is the result of an error in the role implementation of Microsoft's DNS server and affects all versions of Windows Server. Non-Microsoft DNS Servers are not affected.
 
Wormable vulnerabilities have the ability to spread via malware between vulnerable computers without user interaction. Although this vulnerability is not currently known to be used in active attacks, it is important that clients implement Windows updates as soon as possible to fix this vulnerability.
 
Microsoft said that in case applying the update quickly is not practical for you, a registry-based workaround is also available that does not require restarting the server. You can find the update and the workaround both in detail in CVE-2020-1350. Those customers who have the automatic updates turned on do not need to take any additional action.