Skip to main content

Microsoft Windows DNS EUVDEUVD-2026-35643

| CVE-2026-41108 HIGH
Heap-based Buffer Overflow (CWE-122)
2026-06-09 secure@microsoft.com GHSA-xw2q-5wq4-7mx8
High
Disputed · 7.0 NVD
Temporal: 6.1
Share

Severity by source

Sources disagree (Medium–Critical)
NVD PRIMARY
7.0 HIGH
AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
ENISA EUVD
CRITICAL
qualitative
CIRCL (temporal)
6.1 MEDIUM
cvss

vuln.today treats the vendor’s rating as authoritative. A higher third-party CVSS (e.g. CISA-ADP) is shown for transparency but does not drive the headline severity.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
Patch available
Jun 09, 2026 - 19:03 EUVD
Analysis Generated
Jun 09, 2026 - 17:36 vuln.today
CVE Published
Jun 09, 2026 - 17:17 nvd
HIGH 7.0

DescriptionNVD

Heap-based buffer overflow in Microsoft Windows DNS allows an authorized attacker to elevate privileges locally.

AnalysisAI

Local privilege escalation in Microsoft Windows DNS allows an authenticated low-privileged user to gain elevated privileges via a heap-based buffer overflow (CWE-122). The CVSS 7.0 score reflects high attack complexity and local-only access, and no public exploit is identified at time of analysis. The flaw was reported privately by Microsoft (MSRC) and is tracked under MSRC advisory CVE-2026-41108.

Technical ContextAI

The vulnerability resides in the Windows DNS component, which on workstation builds handles client-side resolution and on Windows Server typically backs Active Directory-integrated DNS zones. CWE-122 (Heap-based Buffer Overflow) indicates that input handled by the DNS code path is written past the bounds of a dynamically allocated buffer, corrupting adjacent heap metadata or object pointers. Successful manipulation of the corrupted heap can be steered into arbitrary code execution or token/structure overwrite, which on a service running with SYSTEM-level rights (as Windows DNS components typically do) yields full local privilege escalation.

RemediationAI

Apply the Microsoft security update referenced in the MSRC advisory for CVE-2026-41108 at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41108 as the primary fix; exact patched build numbers are published per-OS in that guide and should be matched to your Windows client and Windows Server inventory via WSUS, Intune, or SCCM. As compensating controls until patching completes, restrict interactive and remote logon to DNS-hosting servers to administrators only (limits the PR:L precondition), enforce LAPS and minimize local accounts on workstations to shrink the attacker pool, and on DNS servers consider temporarily disabling non-essential DNS features the advisory ties to the bug once Microsoft documents them - note this can break name resolution for dependent services such as Active Directory, so test in a maintenance window. Generic AppLocker / WDAC policies that block unsigned code from low-privileged contexts further raise the bar for staging the exploit but do not prevent the overflow itself.

Share

EUVD-2026-35643 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy