Critical Remote Code Execution Vulnerability CVE-2024-38077 Affects Windows Servers: Immediate Action Required
Recently, Microsoft has disclosed a new critical remote code execution vulnerability, CVE-2024-38077, with a high CVSS score of 9.8. This flaw can lead to the complete compromise of Windows servers that have the Remote Desktop Licensing service enabled. The vulnerability affects all versions of Windows Server from 2000 to 2025, which means it has existed for nearly 30 years. The exploit is stable, controllable remotely, and can be used for ransomware attacks or as a worm, posing a significant threat since an attacker does not need any permissions to execute remote code.
2.1 Vulnerability Basics
- Vulnerability Name: CVE-2024-38077
- Type: Remote Code Execution
- Impact Scope: Windows servers with the Windows Remote Desktop Licensing (RDL) Service enabled
- Affected Versions: Windows Server 2000 - Windows Server 2025
- Exploit Difficulty: Easy
- Threat Level: Severe
- Official Solution: Microsoft has released an official patch announcement.
2.2 Impact Scope
The following versions of Windows Server are affected:
- Windows Server 2012 R2 (Server Core installation)
- Windows Server 2012 R2
- Windows Server 2012 (Server Core installation)
- Windows Server 2012
- Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
- Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
- Windows Server 2008 for x64-based Systems Service Pack 2
- Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
- Windows Server 2008 for 32-bit Systems Service Pack 2
- Windows Server 2016 (Server Core installation)
- Windows Server 2016
- Windows Server 2022, 23H2 Edition (Server Core installation)
- Windows Server 2022 (Server Core installation)
- Windows Server 2022
- Windows Server 2019 (Server Core installation)
- Windows Server 2019
2.3 Vulnerability Verification
Vulnerability testing for CVE-2024-38077 was conducted on Windows 10, Windows Server 2016, and Windows Server 2019. The results showed that Windows 10 is not affected by this vulnerability. For Windows Server 2019, the exploit attempt did not succeed because the Remote Desktop Licensing (RDL) service was not enabled. However, for Windows Server 2016, the exploit was successful when the Remote Desktop Licensing service was enabled.
2.4 Looking for VPS Services? Visit [www.magbo.cc] for Buying or Selling VPS Solutions!
If you're in need of Virtual Private Server (VPS) services, consider our platform at [www.magbo.cc]. We offer a low commission rate and ensure quality through strict screening processes. Whether you're looking to buy or sell VPS solutions, we provide a reliable and efficient marketplace for all your needs.
评论
发表评论