Windows Servers in danger of being compromised via WDS bug

March 7, 2019


Checkpoint has released more details about CVE-2018-8476, a critical remote code execution vulnerability affecting all Windows Servers since 2008 SP2.

The bug was responsibly disclosed to Microsoft last year and was fixed last November, but there are likely still servers out there that haven’t been upgraded and are open to attack.

About the vulnerability

CVE-2018-8476 exists in the way that Windows Deployment Services (WDS) TFTP Server handles objects in memory.

Read More on Help Net Security