14 Apr 07

Temporary workaround for Microsoft DNS issue

One of the mitigation actions for the Microsoft DNS vulnerability is disabling the RPC management functionality. Jesper Johansson explains how to do it on a large number of Domain Controllers and DNS servers (thanks Daniel!).

In short, the method consists of generating a text list of all the DNS servers, and then using a short script to connect remotely to each one (using Enterprise Admin credentials), change the registry parameter and restart the DNS service.

It is recommended to do this until you can patch.

Note about this workaround:

Setting the registry value to 4 disables remote management and configuration of DNS server functionality using RPC or WMI. DNS management tools will fail to work remotely. Local management and remote management through terminal services can still be used to manage your DNS server configuration.

You will still be able to use the DNS management MMC Snap-in, DNSCMD.exe, and the DNS WMI provider.
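
The rollout described above, written out as an added PowerShell example; it is not Jesper Johansson's script and not part of the original post. The registry key path and value name do not appear on this page, so they are mandatory parameters to be taken from the vendor advisory; the parameter names and the `Wait-DnsState` helper are assumptions made for this example.

```powershell
# Added example, not from the original post or the article it links to.
# The page does not name the registry key or value; supply both from the
# vendor advisory. The data value 4 is the setting described in the note above.
param(
    [Parameter(Mandatory)] [string] $ServerList,  # text file, one DNS server per line
    [Parameter(Mandatory)] [string] $KeyPath,     # HKLM\... path from the advisory
    [Parameter(Mandatory)] [string] $ValueName,   # value name from the advisory
    [int] $ValueData = 4
)

function Wait-DnsState([string] $Server, [string] $State, [int] $TimeoutSec = 60) {
    # sc.exe stop/start return immediately, so poll until the service settles
    $deadline = (Get-Date).AddSeconds($TimeoutSec)
    while ((Get-Date) -lt $deadline) {
        if ((& sc.exe "\\$Server" query DNS) -match "STATE\s+:\s+\d+\s+$State") { return $true }
        Start-Sleep -Seconds 2
    }
    return $false
}

$servers = Get-Content $ServerList | ForEach-Object { $_.Trim() } | Where-Object { $_ }
$report = foreach ($server in $servers) {
    $step = 'registry write'
    try {
        # reg.exe reaches a remote hive with the \\computer\HKLM\... form
        & reg.exe add "\\$server\$KeyPath" /v $ValueName /t REG_DWORD /d $ValueData /f | Out-Null
        if ($LASTEXITCODE -ne 0) { throw "reg add exit code $LASTEXITCODE" }

        $step = 'service stop'
        & sc.exe "\\$server" stop DNS | Out-Null
        if (-not (Wait-DnsState $server 'STOPPED')) { throw 'DNS did not stop' }

        $step = 'service start'
        & sc.exe "\\$server" start DNS | Out-Null
        if (-not (Wait-DnsState $server 'RUNNING')) { throw 'DNS did not start' }

        # Read the value back so the report reflects what is actually set
        $step = 'verify'
        $expected = 'REG_DWORD\s+0x{0:x}\s*$' -f $ValueData
        if (-not ((& reg.exe query "\\$server\$KeyPath" /v $ValueName) -match $expected)) {
            throw 'value not set as expected'
        }
        [pscustomobject]@{ Server = $server; Result = 'OK'; Detail = '' }
    }
    catch {
        [pscustomobject]@{ Server = $server; Result = "FAILED at $step"; Detail = $_.Exception.Message }
    }
}
$report | Format-Table -AutoSize
```

Servers reported as `FAILED` are the ones still needing the workaround applied by hand, and the same list is a checklist for reverting the value once the patch is installed.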

