Endpoint Vulnerability

Microsoft: Windows DHCP Client Remote Code Execution Vulnerability

Description

A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client. An attacker who successfully exploited the vulnerability could run arbitrary code on the client machine. To exploit the vulnerability, an attacker could send specially crafted DHCP responses to a client. The security update addresses the vulnerability by correcting how Windows DHCP clients handle certain DHCP responses.

Affected Products

Windows RT 8.1,Windows Server 2016,Windows Server, version 1803 (Server Core Installation),Windows Server 2012,Windows 8,Windows Server 2008,Windows 10,Windows 7

References

CVE-2019-0736,