Windows DNS Server Heap Overflow Vulnerability [CVE-2018-8626]
CVE Number – CVE-2018-8626
A remote code execution vulnerability exists in Windows Domain Name System (DNS) servers when they fail to properly handle requests. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account. Windows servers that are configured as DNS servers are at risk from this vulnerability.
To exploit the vulnerability, an unauthenticated attacker could send malicious requests to a Windows DNS server.
The Microsoft update addresses the vulnerability by modifying how Windows DNS servers handle requests.
To download the relevant update for your version of Windows please visit the following Microsoft support page :
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8626
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.