Latest PHP Vulnerability Allows Hackers to Execute Remote Code on Windows Servers

Published:

spot_img

Critical PHP Vulnerability Allows Remote Code Execution on Windows Systems

A critical security flaw has been discovered in PHP that could lead to remote code execution, putting millions of websites at risk. The vulnerability, known as CVE-2024-4577, affects all versions of PHP installed on Windows operating systems.

DEVCORE security researcher Orange Tsai revealed that the flaw allows attackers to bypass previous security measures and execute arbitrary code on remote PHP servers. Despite responsible disclosure on May 7, 2024, exploitation attempts have already been detected within 24 hours of the public disclosure.

In response to the threat, PHP has released patches in versions 8.3.8, 8.2.20, and 8.1.29. However, DEVCORE warns that all XAMPP installations on Windows are vulnerable by default, especially if configured to use Traditional Chinese, Simplified Chinese, or Japanese locales.

To mitigate the risk, DEVCORE recommends moving away from PHP CGI and opting for more secure solutions like Mod-PHP, FastCGI, or PHP-FPM. Security researcher Aliz Hammond emphasized the urgency of applying the patches, as the exploit is relatively simple and has a high likelihood of being used on a large scale.

With the potential for widespread exploitation, website administrators are advised to take immediate action to protect their servers and data. Stay informed and follow us on Twitter and LinkedIn for more exclusive cybersecurity updates.

spot_img

Related articles

Recent articles

Evolving Physical Security: Embracing Deployment Flexibility for Future-Ready Systems

Evolving Physical Security: Embracing Deployment Flexibility for Future-Ready Systems In an era where physical security teams face mounting pressure to modernize their systems, many are...

Data of 310M Temu Users Compromised in Dark Web Breach

Data of 310M Temu Users Compromised in Dark Web Breach A significant cybersecurity incident has emerged involving the e-commerce platform Temu, with reports indicating that...

VEIL#DROP Malware Chain Exploits Blogger to Deploy PureLogs Information Stealer

VEIL#DROP Malware Chain Exploits Blogger to Deploy PureLogs Information Stealer Cybersecurity experts have identified a sophisticated multi-stage malware delivery system that leverages social engineering tactics...

AI Resilience Becomes Essential for Middle East Organizations Amid 800,000 Daily Cyberattack Attempts

AI Resilience Becomes Essential for Middle East Organizations Amid 800,000 Daily Cyberattack Attempts The rapid adoption of artificial intelligence (AI) across the Middle East is...