Microsoft & US CERT highlight 2 new vulnerabilities.  One impacts WIN7/8/10 and the other affects Windows server as noted below

The CERT Coordination Center (CERT/CC) has released information on vulnerabilities affecting versions of Microsoft Windows and Windows Server. A remote attacker could exploit these vulnerabilities to take control of an affected system.  The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review CERT/CC’s Vulnerability Notes VU#289907 and VU#531281 and Microsoft’s security advisories for CVE-2018-8611 and CVE-2018-8626 and apply the necessary updates.

VU#531281: Microsoft Windows DNS servers are vulnerable to heap overflow  Friday, January 4, 2019

VU#289907: Microsoft Windows Kernel Transaction Manager (KTM) is vulnerable to a race condition   Friday, January 4, 2019