QID 92037

Date Published: 2023-07-12

QID 92037: Microsoft Windows Domain Name System (DNS) Server Remote Code Execution (RCE) Vulnerability July 2023

Microsoft Windows Domain Name System (DNS) Server Security Update - July 2023

Operating Systems: Windows Server 2008, Windows Server 2012, Windows Server 2022, Windows Server 2019, Windows Server 2016

The KB Articles associated with the update:
The patch version for KB5028222
The patch version for KB5028226
The patch version for KB5028169
The patch version for KB5028171
The patch version for KB5028168
The patch version for KB5028228
The patch version for KB5028223
The patch version for KB5028232
The patch version for KB5028233
The patch version for KB5028240
The patch version for KB5028224
QID Detection Logic (Authenticated):

This QID checks for the file version of dns.exe

Successful exploit could compromise Confidentiality, Integrity and Availability

CVSS V3 rated as High - 6.6 severity.

CVSS V2 rated as High - 6.8 severity.

Solution

Vendor has released patch. Please refer to
The patch version for KB5028222
The patch version for KB5028226
The patch version for KB5028169
The patch version for KB5028171
The patch version for KB5028168
The patch version for KB5028228
The patch version for KB5028223
The patch version for KB5028232
The patch version for KB5028233
The patch version for KB5028240
The patch version for KB5028224

Vendor References

KB5028168 - support.microsoft.com/en-in/help/5028168
KB5028169 - support.microsoft.com/en-in/help/5028169
KB5028171 - support.microsoft.com/en-in/help/5028171
KB5028222 - support.microsoft.com/en-in/help/5028222
KB5028223 - support.microsoft.com/en-in/help/5028223
KB5028224 - support.microsoft.com/en-in/help/5028224
KB5028226 - support.microsoft.com/en-in/help/5028226
KB5028228 - support.microsoft.com/en-in/help/5028228
KB5028232 - support.microsoft.com/en-in/help/5028232
KB5028233 - support.microsoft.com/en-in/help/5028233
KB5028240 - support.microsoft.com/en-in/help/5028240

CVEs related to QID 92037

CVE-2023-35345 | CVE-2023-35346 | CVE-2023-35310 | CVE-2023-35344 |

Software Advisories

Advisory ID	Software	Component	Link
KB5028168			support.microsoft.com/en-in/help/5028168
KB5028169			support.microsoft.com/en-in/help/5028169
KB5028171			support.microsoft.com/en-in/help/5028171
KB5028222			support.microsoft.com/en-in/help/5028222
KB5028223			support.microsoft.com/en-in/help/5028223
KB5028224			support.microsoft.com/en-in/help/5028224
KB5028226			support.microsoft.com/en-in/help/5028226
KB5028228			support.microsoft.com/en-in/help/5028228
KB5028232			support.microsoft.com/en-in/help/5028232
KB5028233			support.microsoft.com/en-in/help/5028233
KB5028240			support.microsoft.com/en-in/help/5028240

By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].