The DFS feature of Windows Server operating systems, including Windows Server 2016, can be used to access remote file systems. Remote file system access is enabled by default in Windows Server, but users should be aware of the risks associated with it and take steps to protect themselves.

A security issue was reported regarding the Windows Distributed File System (DFS) when accessing the system using Remote Desktop Protocol (RDP). A security issue was discovered in Windows when Remote Desktop Protocol (RDP) is enabled without SSL/TLS. An attacker could potentially exploit this vulnerability to obtain access to user information and potentially compromise the user's system.

CVE-2018-8555: DFS Information Disclosure Vulnerability. A remote code execution vulnerability has been discovered in Windows DFS when DFS is enabled with Active Directory Domain Services (AD DS). An attacker could potentially exploit this vulnerability to gain access to user information and potentially compromise the user's system.

CVE-2018-8556: DFS Information Disclosure Vulnerability. A remote code execution vulnerability has been discovered in Windows DFS when DFS is enabled with Active Directory Domain Services (AD DS). An attacker could potentially exploit this vulnerability to gain access to user information and potentially compromise the user's system.

CVE-2018-8557: DFS Information Disclosure Vulnerability

Potential Impact on Business

Disable the feature in Windows Server to protect your business
There have been a total of three vulnerabilities that could be exploited by attackers. If a user is affected, they would have their data compromised and their system accessed. The potential impact on business is significant because it would be more difficult to control access to your system if it has been compromised. To mitigate this risk, you should disable this feature in Windows Server and ensure that your users are aware of the risks associated with this feature and the steps they can take to protect themselves from possible attacks.

Windows Server Update Services (WSUS)

Microsoft Windows uses a software update service called Windows Server Update Services (WSUS) to keep computers updated with the latest updates. WSUS is also used to distribute updates to servers on your network.

A security issue was discovered in Windows when WSUS is enabled without SSL/TLS. An attacker could potentially exploit this vulnerability to obtain access to user information and potentially compromise the user's system.

CVE-2018-8555: DFS Information Disclosure Vulnerability. A remote code execution vulnerability has been discovered in Windows DFS when DFS is enabled with Active Directory Domain Services (AD DS). An attacker could potentially exploit this vulnerability to gain access to user information and potentially compromise the user's system.

CVE-2018-8556: DFS Information Disclosure Vulnerability. A remote code execution vulnerability has been discovered in Windows DFS when DFS is enabled with Active Directory Domain Services (AD DS). An attacker could potentially exploit this vulnerability to gain access to user information and potentially compromise the user's system.

Windows Server Virtualization (Server virtualization)

A limited number of Windows Server products are affected by a Remote Code Execution vulnerability that may be exploited remotely.

CVE-2018-8556: DFS Information Disclosure Vulnerability. A remote code execution vulnerability has been discovered in Windows DFS when DFS is enabled with Active Directory Domain Services (AD DS). An attacker could potentially exploit this vulnerability to gain access to user information and potentially compromise the user's system.

CVE-2018-8555: DFS Information Disclosure Vulnerability. A remote code execution vulnerability has been discovered in Windows DFS when DFS is enabled with Active Directory Domain Services (AD DS). An attacker could potentially exploit this vulnerability to gain access to user information and potentially compromise the user's system.

Timeline

Published on: 10/11/2022 19:15:00 UTC
Last modified on: 10/12/2022 17:06:00 UTC

References