Home / bulletins MS11-058 - Critical : Vulnerabilities in DNS Server Could Allow Remote Code Execution (2562485) - Version: 1.1
Posted on 22 September 2011
There is an newer version: MS11-058 - Version: 1.2
CriticalSeverity Rating: Critical
Revision Note: V1.1 (September 21, 2011): Corrected the Affected Software table to remove MS11-046 as a bulletin replaced by this update on all affected editions of Windows Server 2003. This is a detection change only. There were no changes to the security update files. Customers who have already successfully updated their systems do not need to take any action.
Summary: This security update resolves two privately reported vulnerabilities in Windows DNS server. The more severe of these vulnerabilities could allow remote code execution if an attacker registers a domain, creates an NAPTR DNS resource record, and then sends a specially crafted NAPTR query to the target DNS server. Servers that do not have the DNS role enabled are not at risk.Other versions
- MS11-058 - Version: 1.0
- MS11-058 - Version: 1.1
- MS11-058 - Version: 1.2
