In the October Patch Tuesday, Microsoft released patches for several critical vulnerabilities, including flaws in the Windows DNS Client that were found by Senior Security Associate Nick Freeman. As highlighted in the Security Affairs article – Microsoft’s October Patch Tuesday Addresses Three Critical Zero-Day Security Vulnerabilities Tied to the DNSSEC Protocol, these heap buffer-overflow flaws could be exploited by an attacker to gain control over a user’s computer.

For more details on Nick’s research, check out his blog post A Bug Has No Name: Multiple Heap Buffer Overflows in the Windows DNS Client.