Executive Summary

The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote attackers to poison the DNS cache.

Why It Matters

CVE-2000-1218 is rated CRITICAL severity, requiring immediate attention from security teams.

CVSS Base Score: 9.8/10

Affected Technologies

Vendors: microsoft

Products: windows_2000, windows_98, windows_98se, windows_nt, windows_xp

🛡️What Defenders Should Check

Check if you are affected — Review your asset inventory for products listed in CVE-2000-1218.

Apply available patches — Visit vendor advisories for the latest security updates.

Monitor for exploitation — Check your SIEM/IDS logs for related indicators.

Use Vulnios to continuously monitor your exposure to CVE-2000-1218 and similar vulnerabilities.

References & Sources

http://www.kb.cert.org/vuls/id/458659

https://exchange.xforce.ibmcloud.com/vulnerabilities/4280

http://www.kb.cert.org/vuls/id/458659

https://exchange.xforce.ibmcloud.com/vulnerabilities/4280

AI Security Advisor

Get AI-powered security recommendations tailored to this specific threat — including risk assessment, detection guidance, MITRE ATT&CK mapping, and actionable remediation steps.

Affected Products

windows_2000windows_98windows_98sewindows_ntwindows_xp

Sources

NVD / NIST

critical

Protect Your Organization

Monitor CVEs, scan for vulnerabilities, and get real-time threat alerts — all in one platform.

Get Started Free Free Security Scan OSINT Dashboard

Get instant alerts on Telegram

Join our public channel for real-time critical CVE alerts.

Follow @vulnios

Critical Vulnerability: CVE-2000-1218 — microsoft — windows_2000, windows_98