Security
Headlines
HeadlinesLatestCVEs

Tag

#Microsoft Windows DNS

CVE-2023-28223: Windows Domain Name Service Remote Code Execution Vulnerability

**How could an attacker exploit this vulnerability?** In a network-based attack an attacker would need to have the privileges to query the Domain Name Service (DNS). If the timing of DNS queries is perfect, the attacker could execute code remotely on the target server.

Microsoft Security Response Center
#vulnerability#web#windows#rce#Microsoft Windows DNS#Security Vulnerability
CVE-2023-28305: Windows DNS Server Remote Code Execution Vulnerability

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.