Indiana University

Information Security & Policy

Critical remote code execution vulnerability in Microsoft DNSAPI

Thursday, June 14, 2018

Background

On June 12, Microsoft released its monthly patches, including several that address critical vulnerabilities. The most concerning patch addresses a remote code execution vulnerability in the DNSAPI dynamic link library, which has been assigned the identifier CVE-2018-8225. DNSAPI is used for Domain Name System resolution and is a required component for a Windows-based machine to communicate over a computer network.

Impact

This vulnerability allows an attacker to remotely execute code in the context of the local system account (NT Authority\SYSTEM) by forcing the target system to make a DNS query to a malicious DNS server. The DNS response is then relayed to the originally intended target DNS system, and the vulnerability is exploited. DNS queries are among the most common network activities performed, and an attacker may have several ways to trick a machine into initiating such a malicious DNS query.

Platforms affected

  • All versions of Windows 7
  • All versions of Windows 8
  • All versions of Windows 10
  • All versions of Windows Server 2008
  • All versions of Windows Server 2012
  • All versions of Windows Server 2016

Local observations

No known exploits exist in the wild at the time of publishing this article; as such, the UISO has not observed local attacks exploiting this vulnerability. Given the ease with which this vulnerability could be exploited and the impact of exploitation, there is concern that this threat could easily be adapted into a wormable exploit, which would likely result in exploitation occurring at a rapid pace.

UISO recommendations

IT professionals and those responsible for administering Windows-based systems should immediately install the June Cumulative Security Update and restart affected machines as soon as possible.

Workarounds

There are no known workarounds short of disabling network interfaces on a vulnerable system.

Further reading

  • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8225
  • https://www.zerodayinitiative.com/blog/2018/6/12/the-june-2018-security-update-review
