09.264.2011 - MS11-058 - Critical : Vulnerabilities in DNS Server Could Allow Remote Code Execution (2562485) - Version: 1.1

Severity Rating: Critical Revision Note: V1.1 (September 21, 2011): Corrected the Affected Software table to remove MS11-046 as a bulletin replaced by this update on all affected editions of Windows Server 2003. This is a detection change only. There were no changes to the security update files. Customers who have already successfully updated their systems do not need to take any action. Summary: This security update resolves two privately reported vulnerabilities in Windows DNS server. The more severe of these vulnerabilities could allow remote code execution if an attacker registers a domain, creates an NAPTR DNS resource record, and then sends a specially crafted NAPTR query to the target DNS server. Servers that do not have the DNS role enabled are not at risk. - View Microsoft Security Bulletin MS11-058 - View Microsoft Knowledge Base Article - on: 1. - Visit Microsoft Corporation