|
|
Title: High-Risk Vulnerability in Windows Server Edition Exploited by Malicious Actors
Recent disclosure from Microsoft reveals a critical remote code execution vulnerability, CVE-2024-38077, with a CVSS score of 9.8. This vulnerability could render Windows servers completely vulnerable to a high-risk attack. The exploit affects all versions of Windows Server 2000 through 2025 and has been present for nearly three decades.
The vulnerability is centered around the Remote Desktop Licensing (RDL) service, which is widely deployed on servers enabling the use of Windows Remote Desktop (3389 port). Attackers can exploit this without any prior conditions or user interaction (zero-click), gaining full server access and executing arbitrary operations.
Once exploited, the threat actor's ability to execute remote code will spread rapidly across the globe affecting users who rely on Microsoft servers. This marks the first time since the "Eternal Blue" attack that an RCE exploit impacts all versions of Windows and provides an easy-to-use method to execute remote code without requiring elevated privileges.
Microsoft has released a patch update for this vulnerability, and it is recommended that affected systems be updated as soon as possible to mitigate the risk. |
|
发表于 2024-8-9 19:07:34