{"id":19377,"date":"2021-03-24T08:34:25","date_gmt":"2021-03-24T07:34:25","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=19377"},"modified":"2022-06-27T09:19:40","modified_gmt":"2022-06-27T07:19:40","slug":"0patch-fixt-cve-2021-2687-im-dns-server-von-windows-server-2008-r2","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2021\/03\/24\/0patch-fixt-cve-2021-2687-im-dns-server-von-windows-server-2008-r2\/","title":{"rendered":"0patch fixes CVE-2021-26877 in the DNS server of Windows Server 2008 R2"},"content":{"rendered":"

[German<\/a>]ACROS Security has released a micropatch for the CVE-2021-26877 vulnerability in the Windows Server 2008 R2 DNS server. This vulnerability was patched by Microsoft in March 2021 via a security update. The 0patch solution is for people who do not have an ESU license.<\/p>\n

<\/p>\n

The vulnerability CVE-2021-26877<\/h2>\n

\"\"CVE-2021-26877<\/a> is a remote code execution (RCE) vulnerability in Windows DNS Server. Attack compatibility is rated low by Microsoft and no user interaction is required. Microsoft anticipates that the vulnerability is likely to be exploited.<\/p>\n

Microsoft has released security updates for Windows Server 2008 R2 through Windows Server 2004 and 20H2 as of March 9, 2021. However, Windows Server 2008 R2 systems will only receive this security update if a valid ESU license is present.<\/p>\n

0patch Micropatch for Windows Server 2008 R2<\/h2>\n

Mitja Kolsek from ACROS Security points out in the following tweet<\/a> that there is a micropatch for the vulnerability in the DNS server for Windows Server 2008 R2.<\/p>\n

\"0patch<\/a><\/p>\n

The micropatch is available for systems running Windows Server 2008 R2 that do not have Extended Security Update support (ESU) from Microsoft, but do have an opatch Pro subscription (for 23 Euro+VAT\/year). Notes on how the 0patch agent works, which loads the micropatches into memory at an application's runtime, can be found in blog posts (such as here<\/a>).<\/p>\n

Similar articles:
\n<\/strong>Windows 7: Forcing February 2020 Security Updates<\/a> \u2013 Part 1
\nWindows 7: Securing with the 0patch solution<\/a> \u2013 Part 2
\n0patch supports Office 2010 with micro patches after the end of support (EOL)<\/a>
\nWindows 7\/Server 2008\/R2: 0patch delivers security patches after support ends<\/a>
\nProject: Windows 7\/Server 2008\/R2 Life Extension & 0patch one month trial<\/a>
\n0patch: Fix for Internet Explorer 0-day vulnerability CVE-2020-0674<\/a>
\n0patch: Fix for Windows Installer flaw CVE-2020-0683<\/a>
\n0patch fix for Windows GDI+ vulnerability CVE-2020-0881<\/a>
\n0-day vulnerability in Windows Adobe Type Library<\/a>
\n0patch fixes CVE-2020-0687 in Windows 7\/Server 2008 R2<\/a>
\n0patch fixes CVE-2020-1048 in Windows 7\/Server 2008 R2<\/a>
\n0patch fixes CVE-2020-1015 in Windows 7\/Server 2008 R2<\/a>
\n0patch for 0-day RCE vulnerability in Zoom for Windows<\/a>
\nWindows Server 2008 R2: 0patch fixes SIGRed vulnerability<\/a>
\n0patch fixes CVE-2020-1113 in Windows 7\/Server 2008 R2<\/a>
\n0patch fixes CVE-2020-1337 in Windows 7\/Server 2008 R2<\/a>
\n0patch fixes CVE-2020-1530 in Windows 7\/Server 2008 R2<\/a>
\n0patch fixes Zerologon (CVE-2020-1472) vulnerability in Windows Server 2008 R2<\/a>
\n0patch fixes CVE-2020-1062 in Windows 7\/Server 2008 R2<\/a>
\n0patch fixes CVE-2020-1300 in Windows 7\/Server 2008 R2<\/a>
\n0patch fixes 0-day vulnerability in Windows 7\/Server 2008 R2<\/a>
\n0patch fixes CVE-2020-1013 in Windows 7\/Server 2008 R2<\/a>
\n0patch fixes a Local Privilege Escalation 0-day in Sysinternals PsExec<\/a>
\n0patch fixes Windows Installer 0-day Local Privilege Escalation vulnerability<\/a>
\n0patch fixes 0-day in Internet Explorer<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

[German]ACROS Security has released a micropatch for the CVE-2021-26877 vulnerability in the Windows Server 2008 R2 DNS server. This vulnerability was patched by Microsoft in March 2021 via a security update. The 0patch solution is for people who do not … Continue reading →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580,2],"tags":[991,1079,18],"class_list":["post-19377","post","type-post","status-publish","format-standard","hentry","category-security","category-windows","tag-0patch","tag-sicherheit","tag-windows-server-2008-r2"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/19377","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=19377"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/19377\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=19377"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=19377"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=19377"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}