The vulnerability allows an ISP, as well as any on-path eavesdroppers, to see what websites a user may be visiting.
Starting with Windows 8, Microsoft has introduced the "Smart Multi-Homed Named Resolution".
While there is general consensus that this new method of domain name resolution accelerated the time required for a DNS look-up to be completed, it also exposed VPN users to DNS leaks when connected to a VPN endpoint, because the computer would no longer use only the DNS servers assigned by the VPN service.
[2][3] Websites exist to allow testing to determine whether a DNS leak is occurring.
Regular DNS leak testing is crucial for VPN users to ensure their privacy, as DNS leaks can expose browsing activity to ISPs and other third parties, even when a VPN is active.