The 2018 Pwnie Nominee For Best Client-Side Bug

A Bug Has No Name

Credit: Nick Freeman (@0x7674)

This is a vulnerability in client-side network protocol parsing on Windows, which luckily only affects modern Windows boxes using the obscure protocol “DNS”. There’s a special sense of irony in the bug being in the DNSSEC implementation, which otherwise protects the internet from hacking. We’re not sure what Microsoft is doing with SAGE these days, but it’s probably not fuzzing DNS, given that this nominee is actually three bugs in the same basic block.

A Bug Has No Name: CVE-2017-11779