Is HCL allready working on fixes / workarounds for CVE-2020-1350

There is a rather critical CVE publised from Microsoft :

A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests, aka ‘Windows DNS Server Remote Code Execution Vulnerability’.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1350 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1350

is therr work being done to deliver the patches and/or workaround or do we have to build them ourselfs?

This is something I’m also waiting for.
It is my understanding that HCL releases updated 24 hrs after they are leased from manufacturer.

There has been a release for July 2020 Security Updates.

Published site version:
Patches for Windows, version 3578

1 Like

Although fix is included in Quality rollup it would be useful to have a fixlet made available to fix his Vulnerability individually. this would allow admins to shore up affected services (DNS servers) but leave monthly patching on regular cycle.