[–] InterestingThings 0 points 1 points (+1|-0) ago 

Summary not exactly correct. From the advisory page at microsoft (emphasis mine)

"To exploit the vulnerability, the attacker would use a malicious DNS server to send corrupted DNS responses to the target."

So this means a user looks up: evil-bad-domain.com and evil-bad-domain.com's DNS server sends a crafted response back to your system (which includes malware code) which then runs code as LocalSystem (all privileges) on your computer.


[–] derram 0 points 1 points (+1|-0) ago 

https://archive.fo/JQ5HX :

June 2018, and Windows Server can be pwned with a DNS request • The Register

'Three of the patches (CVE-2018-8110, CVE-2018-8111, and CVE-2018-8236) address remote code execution holes in Edge, while two remote code execution bugs in IE (CVE-2018-8249 and CVE-2018-0978) were patched as well. ', "Edge's Chakara scripting engine was found to host two of its own remote code execution flaws- CVE-2018-8229 and CVE-2018-8227."

'Childs also recommends admins prioritize the fix for CVE-2018-8231, a remote code execution bug in Http.sys. '

'Other critical patches include CVE-2018-8267, allowing remote code execution from a memory corruption flaw in the Windows scripting engine. '

'Among the most serious bugs addressed this month is CVE-2018-8225, a remote code execution vulnerability present in the Windows DNSAPI. Microsoft says that the flaw would allow an attacker to take over the target system (either Windows or Windows Server) simply by sending a malformed DNS request. '

This has been an automated message.