The US-CERT (United States Computer Emergency Readiness Team) has issued an advisory respecting two vulnerabilities found in Microsoft Windows and Windows Server. Successful exploitation of either vulnerability could allow a remote actor to take control of an affected system. Microsoft has patched both of these vulnerabilities via the January Patch Tuesday update and it is recommended that users/admins apply the most recent update asap. CVE-2018-8611 is a Windows Kernel Elevation of Privilege Vulnerability impacting supported Windows client and server versions. CVE-2018-8626 is a Windows DNS Server Heap Overflow Vulnerability affecting Windows servers configured as DNS servers.