[German]Administrators in enterprise environment should update Windows Server urgently, as a vulnerability has been found in the DNS system that has existed since at least 2012.
It’s an explicit security warning, which is now pointed out by various security specialists such as T-Systems Austria CERT.
There is a remote code execution vulnerability in Windows DNS servers. Attackers can run arbitrary code as local system. Patch your DCs! https://t.co/QGTSvBs2wW
— T-Systems Austria CERT (@CERT_TSystemsAT) 13. Dezember 2018
There is a heap overflow vulnerability in the Windows DNS server (CVE-2018-8626). Windows Domain Name System (DNS) servers do not properly process requests. An attacker who successfully exploits the vulnerability could execute arbitrary code (remote code execution) within the Local System Account.
Windows servers configured as DNS servers are vulnerable to this vulnerability. To exploit the vulnerability, an unauthenticated attacker could send malicious requests to a Windows DNS server.
Security updates to fix CVE-2018-8626
Microsoft has released security updates effective December 11, 2018 that address this vulnerability. This Microsoft Web site provides a list of updates for various versions of Windows Server that address this vulnerability.
|Produkt||KB-Artikel||MS Update Catalog|
|Windows 10 Version 1607||4471321||Download|
|Windows 10 Version 1709||4471329||Download|
|Windows 10 Version 1803||4471324||Download|
|Windows 10 Version 1809||4471332||Download|
|Windows Server 2012 R2||4471320
|Windows Server 2016||4471321||Download|
|Windows Server V1709 (Core)||4471329||Download|
|Windows Server V1803 (Core)||4471324||Download|
|Windows Server 2019||4471332||Download|
The updates shown in the above table will be distributed via Windows Update, but may also be downloadable via Microsoft Update Catalog.