Home / bulletins

MS11-030 - Critical: Vulnerability in DNS Resolution Could Allow Remote Code Execution (2509553) - Version:1.0

Posted on 12 April 2011

There is an newer version: MS11-030 - Version: 1.1

Critical

Severity Rating: Critical - Revision Note: V1.0 (April 12, 2011): Bulletin published.Summary: This security update resolves a privately reported vulnerability in Windows DNS resolution. The vulnerability could allow remote code execution if an attacker gained access to the network and then created a custom program to send specially crafted LLMNR broadcast queries to the target systems. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed. In this case, the LLMNR ports should be blocked from the Internet.

Link

Other versions

 

TOP