Microsoft – DNS – “Windows DNS Server Remote Code Execution Vulnerability” – CVE-2020-1350 – Remediation – Configuration – Registry


In the last week or so, Microsoft released an advisory relating to a security vulnerability within its DNS Server.


Security Vulnerability

Remote Code Execution Vulnerability

What is

What is a “Remote Code Execution Vulnerability“?

Most applications have an interface that accepts input ( command and data ) from the end-user.

If the end-user is able to present data and commands that bypasses the application’s in-built security, the requester may be able to get the application to execute code in unintended ways.

Usual Protection

  1. Reduce the size of input buffer
  2. Sanitize accepted code
  3. Augment better protection around code modules



Here are the remediation Microsoft is asking its customers to put in place:-

  1. Configuration
    • Registry
      • Reduce the maximum size of accepted input
  2. Software Upgrade




For the sake of brevity, we will only cover the configuration/registry change in this post.

We will have a follow-up for the software upgrade.



On the machines running Microsoft implementation of DNS Server

  1. Access Microsoft Windows Registry ( Regedit )
    • Subkey
      • Access the DNS Parameters subkey ( HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters )
    • Item
      • Add a new item TcpReceivePacketSize, if it does not yet exist
      • Set the item’s type and value to D-WORD and 0xFF00
  2. Access Microsoft Windows Command Line Console
    • Run cmd.exe ( in administrator mode )
    • Restart DNS Server Service
      • net stop dns
      • net start dns

Image – Registry – Before Change


Image – Registry – Adding TcpReceivePacketSize


Image – Registry – Post Change


Image – DNS Service – Stop And Start



  1. Microsoft
    • Support
      • KB4569509: Guidance for DNS Server Vulnerability CVE-2020-1350

One thought on “Microsoft – DNS – “Windows DNS Server Remote Code Execution Vulnerability” – CVE-2020-1350 – Remediation – Configuration – Registry

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s