Security News > 2019 > March > Windows Servers in danger of being compromised via WDS bug

Windows Servers in danger of being compromised via WDS bug
2019-03-07 13:49

Checkpoint has released more details about CVE-2018-8476, a critical remote code execution vulnerability affecting all Windows Servers since 2008 SP2. The bug was responsibly disclosed to Microsoft last year and was fixed last November, but there are likely still servers out there that haven’t been upgraded and are open to attack. About the vulnerability CVE-2018-8476 exists in the way that Windows Deployment Services (WDS) TFTP Server handles objects in memory. WDS is a popular Windows … More → The post Windows Servers in danger of being compromised via WDS bug appeared first on Help Net Security.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/Ry9d4eSG3b0/

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2018-11-14 CVE-2018-8476 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products
A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory, aka "Windows Deployment Services TFTP Server Remote Code Execution Vulnerability." This affects Windows Server 2012 R2, Windows Server 2008, Windows Server 2012, Windows Server 2019, Windows Server 2016, Windows Server 2008 R2, Windows 10 Servers.
network
low complexity
microsoft CWE-119
critical
 9.8
9.8