一元网络论坛

 找回密码
 立即注册
搜索
热搜: 活动 交友 discuz
查看: 270|回复: 0

Windows Server exposes CVE-2024-38077 high-risk vulnerability.

[复制链接]

2万

主题

2万

帖子

8万

积分

管理员

Rank: 9Rank: 9Rank: 9

积分
83371
发表于 2024-8-9 19:07:34 | 显示全部楼层 |阅读模式
Title: High-Risk Vulnerability in Windows Server Edition Exploited by Malicious Actors
Recent disclosure from Microsoft reveals a critical remote code execution vulnerability, CVE-2024-38077, with a CVSS score of 9.8. This vulnerability could render Windows servers completely vulnerable to a high-risk attack. The exploit affects all versions of Windows Server 2000 through 2025 and has been present for nearly three decades.
The vulnerability is centered around the Remote Desktop Licensing (RDL) service, which is widely deployed on servers enabling the use of Windows Remote Desktop (3389 port). Attackers can exploit this without any prior conditions or user interaction (zero-click), gaining full server access and executing arbitrary operations.
Once exploited, the threat actor's ability to execute remote code will spread rapidly across the globe affecting users who rely on Microsoft servers. This marks the first time since the "Eternal Blue" attack that an RCE exploit impacts all versions of Windows and provides an easy-to-use method to execute remote code without requiring elevated privileges.
Microsoft has released a patch update for this vulnerability, and it is recommended that affected systems be updated as soon as possible to mitigate the risk.
回复

使用道具 举报

您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

Archiver|手机版|小黑屋|一元网络论坛

GMT+8, 2024-11-6 03:07 , Processed in 0.390938 second(s), 19 queries .

Powered by Discuz! X3.4

Copyright © 2001-2020, Tencent Cloud.

快速回复 返回顶部 返回列表