Windows DHCP Remote Code Execution Vulnerability

Microsoft have released details of a remote code execution vulnerability in the Windows Dynamic Host Configuration Protocol (DHCP) client.

Threat ID:: CC-2872
Category:
Threat Severity:: Medium
Threat Vector:
Published:: 10 January 2019 12:00 AM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Microsoft have released details of a remote code execution vulnerability in the Windows Dynamic Host Configuration Protocol (DHCP) client.

Affected platforms

The following platforms are known to be affected:

Microsoft Windows

Microsoft Windows - All versions

Microsoft Windows Server - All versions

Threat details

An unauthenticated remote user could exploit this vulnerability to execute arbitrary code on an affected system.

The vulnerability lies in how the client handles specific DHCP responses. An attacker sending a chain of specially crafted DHCP responses to the client can result in the client crashing or restarting, allowing the attacker to send new commands to the system.

For further information:

CVE-2019-0547

Remediation steps

Type	Step
	Microsoft addressed this vulnerability in their CVE-2019-0547 Security Update Guide. Users and administrators are encouraged to review this guide and apply the relevant updates.

CVE Vulnerabilities

Status

CVE-2019-0547

Last edited: 14 February 2020 2:52 pm