Security News > 2019 > March > Windows Servers in danger of being compromised via WDS bug
2019-03-07 13:49
Checkpoint has released more details about CVE-2018-8476, a critical remote code execution vulnerability affecting all Windows Servers since 2008 SP2. The bug was responsibly disclosed to Microsoft last year and was fixed last November, but there are likely still servers out there that haven’t been upgraded and are open to attack. About the vulnerability CVE-2018-8476 exists in the way that Windows Deployment Services (WDS) TFTP Server handles objects in memory. WDS is a popular Windows … More → The post Windows Servers in danger of being compromised via WDS bug appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/Ry9d4eSG3b0/
Related news
- Microsoft 365 apps crash on Windows Server after Office update (source)
- Microsoft fixes Office 365 apps crashing on Windows Server systems (source)
- Microsoft fixes Windows Server 2022 bug breaking device boot (source)
- Microsoft issues out-of-band fix for Windows Server 2022 NUMA glitch (source)
- Microsoft fixes bug causing Windows Server 2025 boot errors (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-14 | CVE-2018-8476 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory, aka "Windows Deployment Services TFTP Server Remote Code Execution Vulnerability." This affects Windows Server 2012 R2, Windows Server 2008, Windows Server 2012, Windows Server 2019, Windows Server 2016, Windows Server 2008 R2, Windows 10 Servers. | 9.8 |