Microsoft is aware of a vulnerability involving DNS cache poisoning caused by IP fragmentation that affects Windows DNS Resolver.

An attacker who successfully exploited this vulnerability could spoof the DNS packet, which can be cached by the DNS Forwarder or the DNS Resolver. The spoofing vulnerability, tracked as CVE-2020-25705 and nicknamed SAD DNS (Side-channel AttackeD DNS), exists in the Windows DNS resolver component that comes bundled with the Windows Transmission Control Protocol/Internet Protocol (TCP/IP) stack.

In the advisory notice, Microsoft guides DNS admins to limit the DNS UDP packet size to stop DNS cache poisoning attacks leveraging this vulnerability in their tracks.

After the registry update, the DNS resolver will switch to TCP for all responses larger than 1,221 bytes, automatically blocking these types of attacks.

references CVE-2020-25705 in relationship to this vulnerability. Microsoft refers to the advisory as ADV200013. On December 8th, 2020, Microsoft issued an advisory for a spoofing vulnerability in the DNS Resolver component.
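The size limit described above can be pictured with the standard DNS truncation mechanism (the TC bit from RFC 1035): a response over the limit is cut down to header plus question with TC set, and the resolver re-asks over TCP. This is an added example, not Microsoft's code; that the 1,221-byte limit is enforced this way is an assumption, and the function names and the sample response are constructed for illustration.

```python
import struct

UDP_LIMIT = 1221   # bytes; threshold quoted in the text above
TC_FLAG = 0x0200   # TC (truncated) bit in the DNS header flags, RFC 1035

def question_end(msg: bytes) -> int:
    """Offset just past the first question (QNAME + QTYPE + QCLASS)."""
    pos = 12                                  # fixed DNS header length
    while msg[pos] != 0:                      # walk length-prefixed labels
        if msg[pos] & 0xC0:
            raise ValueError("unexpected compression pointer in question")
        pos += 1 + msg[pos]
    return pos + 1 + 4                        # root label + type + class

def fit_udp(response: bytes, limit: int = UDP_LIMIT) -> bytes:
    """Server side: send as-is if it fits, else header + question with TC set."""
    if len(response) <= limit:
        return response
    ident, flags, qd, _an, _ns, _ar = struct.unpack("!6H", response[:12])
    header = struct.pack("!6H", ident, flags | TC_FLAG, qd, 0, 0, 0)
    return header + response[12:question_end(response)]

def needs_tcp_retry(udp_reply: bytes) -> bool:
    """Resolver side: a set TC bit means discard the reply and re-ask over TCP."""
    return bool(struct.unpack("!H", udp_reply[2:4])[0] & TC_FLAG)

def sample_response(total_len: int, name: str = "example.com") -> bytes:
    """Constructed TXT response of exactly total_len bytes (test data only)."""
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\0"
    head = struct.pack("!6H", 0x1234, 0x8180, 1, 1, 0, 0) + qname + struct.pack("!2H", 16, 1)
    remaining = total_len - len(head) - 12    # 12 = fixed fields of the answer RR
    rdata = b""
    while remaining > 0:                      # TXT strings: 1 length byte + data
        n = min(255, remaining - 1)
        rdata += bytes([n]) + b"a" * n
        remaining -= n + 1
    answer = struct.pack("!3HIH", 0xC00C, 16, 1, 60, len(rdata))
    return head + answer + rdata

if __name__ == "__main__":
    for size in (512, 1221, 1222, 4000):
        reply = fit_udp(sample_response(size))
        print(size, "->", len(reply), "bytes over UDP, TCP retry:", needs_tcp_retry(reply))
```

A response of exactly 1,221 bytes still travels over UDP unchanged; only larger ones are truncated and retried over TCP, matching the "larger than 1,221 bytes" wording above.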