Windows Server DNS flaw allows remote code execution

Microsoft is warning users runing the Domain Name Service (DNS) look up feature on Windows Server to patch their installations against a critical vulnerability that permits attackers to remotely execute code on affected machines.

The vulnerability has been assigned the common vulnerabilities and exploits index term CVE-2015-6125 and affects 32 and 64-bit versions of Windows Server 2008, 2008 R2, 2012 and 2012 R2, and the stripped-down Server Core variants, Microsoft said.

Windows Server Technical Preview 3 and 4 are also affected

Attackers can exploit the vulnerability in the Windows DNS simply by sending malicious requests to systems via the internet. The requests can be crafted to run arbitrary code on vulnerable Windows Server machines.

The vulnerability is caused by a bug that means memory is referenced after it has been freed.

Microsoft said there are no mitigating factors for the vulnerability, or workarounds.

Another critical vulnerability plugged in the December 2015 set of security updates affects how the Windows Uniscribe application programming interfaces for typography parse specially crafted fonts. 

The Uniscribe integer underflow vulnerability can be used for remote code execution, allowing attackers who convince users to open specially crafted documents to install programs, modify and delete data, and create system accounts with full user privileges.

Windows 7 with Service Pack 1 installed is vulnerable in 32 and 64-bit versions, along with Windows Server 2008 R2 SP1, and Server Core 2008 R2 x64 SP1, Microsoft said.

There are also no mitigating factors or workarounds for the Uniscribe vulnerability.