The design of Windows 10 allows the Operating System to send DNS queries to all the available interfaces on the machine. The OS does not take into account the network interface priority nor does it take into account any default route.
This design is somewhat okay until we face a VPN scenario where the DNS request has to go through the VPN tunnel for security reasons and this will allow a hacker to intercept a DNS request and modify the reply to perform a man-in-the-middle attack.
The easy fix it to add a DWORD name of
DisableSmartNameResolution with a value of
0 under the following path.