Good news ! Hackbusters community is waiting for you !
KnowBe4 has been running the HackBusters site for a few years now, providing you with trending IT security news. We are expanding it and have launched a new exciting online community! The forum is divided into four main topics or categories: Social Engineering, Ransomware, Phishing and Security Awareness Training. You are invited to be one of the first to join us at:

Windows 10 DHCP vulnerability allows for remote code execution


The vulnerability in Windows 10 and Windows Server 2019 gives attackers an entry point for further exploitation when combined with other vulnerabilities.

A pair of vulnerabilities in the DHCP client in Windows 10 and Windows Server 2019 allows attackers to execute code remotely, according to researchers at security firm Positive Technologies. DHCP is used on wired and wireless networks to assign IP addresses and other network configuration information.

"An attacker configures a DHCP server on their computer. The server responds to network configuration requests with malformed packets. On some networks, this attack is possible from a mobile phone or tablet," Positive Technologies researcher Mikhail Tsvetkov said in a press release. "Then the attacker waits for a vulnerable Windows 10 computer to ask for a renewal of its IP address lease, which usually happens every few hours. By sending this invalid response, the attacker can obtain the rights of an anonymous user on...(continued)

View All Trending Stories