Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2018-8225: Windows DNSAPI Remote Code Execution Vulnerability

Free InsightVM Trial No Credit Card Necessary

Watch Demo See how it all works

Back to Search

Microsoft CVE-2018-8225: Windows DNSAPI Remote Code Execution Vulnerability

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Published

06/12/2018

Created

07/25/2018

Added

06/12/2018

Modified

11/18/2021

Description

A remote code execution vulnerability exists in Windows Domain Name System (DNS) DNSAPI.dll when it fails to properly handle DNS responses. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account. To exploit the vulnerability, the attacker would use a malicious DNS server to send corrupted DNS responses to the target. The update addresses the vulnerability by modifying how Windows DNSAPI.dll handles DNS responses.

Solution(s)

msft-kb4230467-2172036c-3f0f-4ca0-9081-06d3fa976900
msft-kb4230467-3a9109f9-ec94-4803-ad61-a9dc44cebc8d
msft-kb4230467-852654da-ddde-4d1c-9119-d6b22b7a87cb
msft-kb4230467-a9990a7b-3e69-4fb5-97c5-e0cd904b6d88
msft-kb4284819-09802fac-5d82-4589-9da1-a1b16f7516c6
msft-kb4284819-12056057-df80-4f20-a9f8-c8b9bd18ccd6
msft-kb4284819-af7712ab-eaad-4b7d-8b8e-2a060c2bfe53
msft-kb4284835-3c78a800-e801-4176-a748-b741cf1f302a
msft-kb4284835-f0914666-2046-4a90-8eeb-2a49b3a2d663
msft-kb4284835-f74f5aaf-95df-4818-8df0-2986a9d1a34e
msft-kb4284846-7224573a-6e40-488e-9fc4-b9fe63ac4f30
msft-kb4284846-83ee3488-e32d-4212-9b14-8bafd9f37918
msft-kb4284846-db5ae8fc-d920-4d70-9f2e-1a912e7ac85f
msft-kb4284860-1a3a39c1-fdd4-4e6f-b16b-9593c41df042
msft-kb4284860-1b92ed90-ad9d-40f4-8c2c-decd1abd27ea
msft-kb4284867-44e75293-87aa-4492-bc0c-1c7a8cabd0f1
msft-kb4284867-886f5701-c858-4b84-9222-1de1455020c6
msft-kb4284867-a31ec407-3bf3-4abb-9d95-a20580c3ada2
msft-kb4284867-ba4e3571-fa24-464e-85dc-3a90994d972d
msft-kb4284867-c34dd24f-8ba7-48de-891a-72e59d5b49c2
msft-kb4284867-e3aeb85f-2c58-4883-97ca-e342d7ab1c0c
msft-kb4284874-689410ed-3cb3-4b76-84b1-5b940e14ab6a
msft-kb4284874-fd45c4c5-93e4-4467-a41d-4876854a0a7c
msft-kb4284878-0a54ebd2-54fe-40f5-9639-b72023b7a808
msft-kb4284878-45636cfd-ab6b-4db5-a310-712f3663eae6
msft-kb4284878-4a69b135-0fe8-45c6-9994-61ebbe2e788c
msft-kb4284880-073aa939-731e-464c-b64e-f6241c4d9a86
msft-kb4284880-29a03d50-43ed-42e6-8012-2a9f083f4f81
msft-kb4284880-3105f320-7d78-4034-a86c-03b4f9352480
msft-kb4284880-828da5bc-120f-4a10-9fe3-c20aaafbbaff
msft-kb4284880-b0b5ce3d-8502-4c09-a621-8486d91d775e
msft-kb4284880-fa8b8608-4925-4c9b-871f-a3e5d0b082fa

References

https://attackerkb.com/topics/cve-2018-8225
CVE - 2018-8225
4230467
4284815
4284819
4284826
4284835
4284846
4284855
4284860
4284867
4284874
4284878
4284880

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2018-8225: Windows DNSAPI Remote Code Execution Vulnerability

Microsoft CVE-2018-8225: Windows DNSAPI Remote Code Execution Vulnerability

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.