11th December was Microsoft ’ s December 2018 Patch Tuesday , which means users had to update Vulnerability-related.PatchVulnerability their computers to be protected from the latest threats to Windows and Microsoft products . Microsoft has fixed Vulnerability-related.PatchVulnerability 39 vulnerabilities , with 10 of them being labeled as Critical . Keeping up with its December 2018 Patch Tuesday , Microsoft announced Vulnerability-related.DiscoverVulnerability on its blog that a vulnerability exists in Vulnerability-related.DiscoverVulnerability Windows Domain Name System ( DNS ) . There was not much information provided to the customers about how and when this vulnerability was discovered Vulnerability-related.DiscoverVulnerability . The following details were released by Microsoft : The Exploit Microsoft Windows is prone Vulnerability-related.DiscoverVulnerability to a heap-based buffer-overflow vulnerability . A remote code execution vulnerability exists in Vulnerability-related.DiscoverVulnerability Windows Domain Name System ( DNS ) servers when they fail to properly handle requests . An attacker who successfully exploits Vulnerability-related.DiscoverVulnerability this issue may execute arbitrary code within the context of the affected application . Microsoft states that failed exploit attempts will result in a denial-of-service condition . Windows servers that are configured as DNS servers are at risk from this vulnerability . Affected Systems Find a list of the affected systems on Microsoft ’ s Blog . The company has also provided Vulnerability-related.PatchVulnerability users with security updates for the affected systems . Workarounds and Mitigations As of today , Microsoft has not identified any workarounds or mitigations for the affected systems . Jake Williams , the founder of Rendition Security and Rally security , posted an update on Twitter about the issue , questioning why there is no sufficient discussion among the infosec community about the matter .