Microsoft Windows DNS Security Feature Bypass Vulnerability



A vulnerability in the DNS Global Blocklist feature of Microsoft Windows could allow an authenticated, remote attacker to bypass security restrictions on a targeted system.

The vulnerability exists because the affected software improperly handles DNS Server Role record additions. An attacker could exploit this vulnerability via unspecified vectors. A successful exploit could allow the attacker to bypass Global Query Blocklist security restrictions.

Microsoft confirmed the vulnerability and released software updates.

Security Impact Rating: Medium

CVE: CVE-2018-8320

Source:: Cisco Multivendor Vulnerability Alerts