Check Point researchers disclose a new highly critical “wormable” vulnerability. The 17-year-old remote code execution flaw (CVE-2020-1350) could allow an unauthenticated, remote attacker to gain domain administrator privileges over targeted servers and seize complete control of an organization’s IT infrastructure. Microsoft has released a patch for the bug, and advised users to install the patches immediately. The vulnerability is not currently known to be used in active attacks, but Microsoft said it found no evidence that the bug has been actively exploited.
Source: https://thehackernews.com/2020/07/windows-dns-server-hacking.html