Upcoming Update to QID 91704 for Microsoft Windows DNS Spoofing Vulnerability (ADV200013)

This is to inform you of an upcoming update to our detection for QID 91704: Microsoft Windows DNS Resolver Addressing Spoofing Vulnerability.

On August 28, 2025, Microsoft updated its security advisory, ADV200013, which was originally released in 2020. The update expands the list of operating systems affected by this vulnerability to include newer versions.

The newly added affected systems are:

• Windows Server 2022, version 23H2
• Windows Server 2025
• Windows Server 2025 (Server Core installation)

To align with this new guidance, we will be updating the detection logic for QID 91704. This change is scheduled for Monday, September 8, 2025. After this update, scans will flag this vulnerability on the newly supported Windows Server versions if the workaround is not applied.

For complete details on the vulnerability and the required workaround, please refer to the official Microsoft advisory: https://msrc.microsoft.com/update-guide/vulnerability/ADV200013