A remote code execution vulnerability (CVE-2020-1350) affects all versions of the DNS Server role in all versions of windows server so far. This vulnerability is wormable, and would run under the system context, giving any attackers full control of an affected DNS host.
Due to the ability of this vulnerability to quickly spread through and take control of any hosts running the DNS Server service on a network, we will be patching and rebooting all affected, servers on 18th July 2020 at 21:30 PM MST.
Customers with their own update infrastructure will also be scheduled separately.
You can read more about the exploit (and patches mitigating it), here:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1350
We will update you as maintenance begins.
Impact of Work:
All affected hosts will be rebooted automatically / ASAP to propagate fixes, starting 18th July 2020 at 21:30 PM MST
Internal systems on windows 2008 and up (such as the management portal) may be temporarily impacted in the time it takes to reboot them.
