CVE-2022-24497 - Security Update Guide - Microsoft - Windows Network File System...
source link: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-24497
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
-
- Customer Guidance
-
-
Windows Network File System Remote Code Execution Vulnerability
CVE-2022-24497Released: Apr 5, 2022
Please see Common Vulnerability Scoring System for more information on the definition of these metrics.
Exploitability
I am running a supported version of Windows Server. Is my system vulnerable to this issue?
This vulnerability is only exploitable for systems that have the NFS role enabled. See NFS Overview for more information on this feature. More information on installing or uninstalling Roles or Role Services is available here.
How could an attacker exploit this vulnerability?
An attacker could send a specially crafted NFS protocol network message to a vulnerable Windows machine, which could enable remote code execution.
Acknowledgements
Security Updates
Disclaimer
Revisions
Information published.
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK