====================================================================
                            CERT-Renater

              Information Note No. 2016/VULN247
_____________________________________________________________________

DATE                 : 15/06/2016

HARDWARE PLATFORM(S) : /

OPERATING SYSTEM(S)  : Windows version Server 2012.

======================================================================
KB3164065
https://technet.microsoft.com/en-us/library/security/MS16-071
____________________________________________________________________

Microsoft Security Bulletin MS16-071: Security Update for Microsoft
Windows DNS Server (3164065)

Executive Summary

This security update resolves a vulnerability in Microsoft Windows. The
vulnerability could allow remote code execution if an attacker sends
specially crafted requests to a DNS server.

This security update is rated Critical for all supported releases of
Windows Server 2012 and Windows Server 2012 R2. For more information,
see the Affected Software and Vulnerability Severity Ratings section.

The security update addresses the vulnerability by modifying how DNS
servers handle requests.

Affected Software

Operating System

  Windows Server 2012
  Windows Server 2012 R2
  Windows Server 2012 (Server Core installation)
  Windows Server 2012 R2 (Server Core installation)

Vulnerability Information

Windows DNS Server Use After Free Vulnerability - CVE-2016-3227

A remote code execution vulnerability exists in Windows Domain Name
System (DNS) servers when they fail to properly handle requests. An
attacker who successfully exploited the vulnerability could run
arbitrary code in the context of the Local System Account. Windows
servers that are configured as DNS servers are at risk from this
vulnerability.

To exploit the vulnerability, an unauthenticated attacker could send
malicious requests to a Windows DNS server. The update addresses the
vulnerability by modifying how Windows DNS servers handle requests.

The following table contains links to the standard entry for each
vulnerability in the Common Vulnerabilities and Exposures list:

Vulnerability Title               CVE number      Publicly    Exploited
                                                  disclosed
--------------------------------  --------------  ----------  ---------
Windows DNS Server Use After      CVE-2016-3227   No          No
Free Vulnerability

==========================================================
CERT-Renater reference server
https://services.renater.fr/ssi/
==========================================================
+ CERT-RENATER        | tel : 01-53-94-20-44             +
+ 23 - 25 Rue Daviel  | fax : 01-53-94-20-41             +
+ 75013 Paris         | email: cert@support.renater.fr   +
==========================================================