On June 6, 2017, security researcher Tuan Anh Ngo from VnSecurityTeam discovered a critical vulnerability in Windows DNS servers.
An attacker could exploit this vulnerability by sending malformed DNS requests to a target system. A successful exploit could cause a denial-of-service condition by exhausting server resources and slowing down service performance.
It is important to note that an attack would only work against Windows DNS servers that are running on Windows 10.
In order to exploit this vulnerability, an attacker would have to be connected to the target network. A remote attack could be initiated with a malformed DNS request by sending it to the Windows DNS server.
An attacker could use social engineering techniques to trick users into clicking malicious links.
Windows 10 Anniversary Update, version 1607 and Windows Server 2016 are the only Windows operating systems that are affected by this vulnerability. Denial of service attacks are possible against Windows DNS servers running on Windows 10.
In order to exploit this vulnerability, an attacker would have to be connected to the target network. A remote attack could be initiated with a malformed DNS request by sending it to the Windows DNS server.An attacker could use social engineering techniques to trick users into clicking malicious links.
It is recommended that users check their Windows DNS settings and make sure that their DNS servers are configured properly.
Windows DNS Server Vulnerability
On June 6, 2017, security researcher Tuan Anh Ngo from VnSecurityTeam discovered a critical vulnerability in Windows DNS servers.
An attacker could exploit this vulnerability by sending malformed DNS requests to a target system. A successful exploit could cause a denial-of-service condition by exhausting server resources and slowing down service performance.
It is important to note that an attack would only work against Windows DNS servers that are running on Windows 10.In order to exploit this vulnerability, an attacker would have to be connected to the target network. A remote attack could be initiated with a malformed DNS request by sending it to the Windows DNS server.An attacker could use social engineering techniques to trick users into clicking malicious links.
Windows 10 Anniversary Update, version 1607 and Windows Server 2016 are the only Windows operating systems that are affected by this vulnerability. Denial of service attacks are possible against Windows DNS servers running on Windows 10.In order to exploit this vulnerability, an attacker would have to be connected to the target network. A remote attack could be initiated with a malformed DNS request by sending it to the Windows DNS server.An attacker could use social engineering techniques to trick users into clicking malicious links.It is recommended that users check their Windows DNS settings and make sure that their DNS servers are configured properly.[END]
Windows DNS server vulnerability details##
Timeline
Published on: 04/15/2022 19:15:00 UTC
Last modified on: 04/26/2022 12:33:00 UTC