The CERT Coordination Center (CERT/CC) has published data on vulnerabilities affecting versions of Microsoft Windows and Windows Server.
Microsoft had issued an advisory for CVE-2018-8611, a Windows kernel elevation of privilege bug that exists when the Windows kernel fails to properly handle objects in memory. An attacker who exploited this flaw could run arbitrary code in kernel mode. The company also issued CVE-2018-8626 for a Windows DNS server heap overflow vulnerability. A remote code execution flaw exists in Windows DNS servers when they don’t properly handle requests, Microsoft explains.
Read more about the critical Windows flaws on DarkReading.