Endpoint Vulnerability

Microsoft: Windows DNSAPI Remote Code Execution Vulnerability

Description

A remote code execution vulnerability exists in Windows Domain Name System (DNS) DNSAPI.dll when it fails to properly handle DNS responses. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account.

Affected Products

Windows 10,Windows 7,Windows 8,Windows RT 8.1,Windows Server 2008,Windows Server 2012,Windows Server 2016,Windows Server, version 1709 (Server Core Installation),Windows Server, version 1803 (Server Core Installation)

References

CVE-2018-8225,