CyberSecurityBoard
Sponsor Register Login

UDP Vulnerability in Windows Deployment Services Allows 0-Click System Crashes

A newly discovered vulnerability in Microsoft’s Windows Deployment Services (WDS) allows attackers to remotely crash servers with zero user interaction or authentication. The flaw, which requires no authentication or user interaction (0-click), allows attackers to remotely exhaust system memory by exploiting a design weakness in how WDS handles UDP-based TFTP sessions on port 69. This vulnerability poses a significant threat to organizations that rely on WDS for network-based OS deployment, as it allows attackers to completely disrupt PXE boot services across an enterprise without requiring any authentication or privileged access. In a test environment running Windows Server Insider Preview with 8GB of RAM, Peng demonstrated that by continuously sending spoofed UDP packets to port 69, memory consumption rapidly increased to 15GB within just 7 minutes, causing the entire system to crash. At present, there appears to be no effective mitigation strategy for organizations using Windows Deployment Services other than considering alternative deployment solutions or implementing strict network filtering to limit access to port 69. Consequently, an attacker can forge fake client IP addresses and port numbers, repeatedly creating new sessions until system resources are exhausted,” Security researcher Zhiniang Peng explains in his published analysis. Windows Deployment Services is widely used in corporate networks, data centers, and educational institutions for streamlined OS deployments, making this vulnerability particularly concerning for IT administrators. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. Since UDP servers cannot verify packet sources, attackers can spoof packets with randomized source addresses and ports, forcing the server to allocate excessive session objects in memory without limitation. Notably, the attack leverages unauthenticated, spoofed network traffic, making it both stealthy and difficult to defend against with traditional security controls. Kaaviya is a Security Editor and fellow reporter with Cyber Security News.

This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 06 May 2025 07:15:06 +0000


Cyber News related to UDP Vulnerability in Windows Deployment Services Allows 0-Click System Crashes

9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
25 Best Cloud Service Providers (Public and Private) in 2025 - Oracle Cloud offers a variety of services, including infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS), to help organizations build, deploy, and run applications in the cloud. Oracle Cloud is a cloud ...
1 week ago Cybersecuritynews.com
UDP Vulnerability in Windows Deployment Services Allows 0-Click System Crashes - A newly discovered vulnerability in Microsoft’s Windows Deployment Services (WDS) allows attackers to remotely crash servers with zero user interaction or authentication. The flaw, which requires no authentication or user interaction (0-click), ...
2 weeks ago Cybersecuritynews.com
CVE-2024-57974 - In the Linux kernel, the following vulnerability has been resolved: ...
2 months ago
CVE-2025-22058 - In the Linux kernel, the following vulnerability has been resolved: ...
1 month ago
KubeCon 2023: Securing Software Delivery and Deployment - Gopal Dommety: So Mitch, we started OpsMX with the vision to fully automate and secure software delivery. Gopal Dommety: And so we provide a deployment firewall. They tend to have large deployments, Fortune 10 kind of customers, that's what OpsMx. ...
1 year ago Securityboulevard.com
Windows 10 Extended Security Updates Promised for Small Businesses and Home Users - Already common for enterprises, for the first time, individuals will also get the option to pay for extended security updates for a Windows operating system that's out of support. Windows 10 will stop getting free updates, including security fixes, ...
1 year ago Techrepublic.com
Marketing Strategies for PaaS Services: Get Ahead of the Curve - With the ever-growing demand for cloud-based performance and services, Platform-as-a-Service (PaaS) is becoming increasingly critical for modern software development. PaaS is a cloud-based platform, providing businesses with an integrated suite of ...
2 years ago Hackread.com
15 Best Patch Management Tools - 2025 - What is Good?What Could Be Better?Comprehensive patch management for various operating systems, applications, and third-party software.It is complex for new users and requires time and training to utilize its functionalities fully.Advanced analytics ...
2 months ago Cybersecuritynews.com
Flask Web App: Smart Honeypot Deployment With RL - The goal of a honeypot is to deceive attackers into interacting with them, enabling security experts to observe and analyze their behavior. By applying RL, we can develop a smart honeypot deployment system that learns and adapts to emerging threats ...
10 months ago Feeds.dzone.com
Microsoft: Windows 11 preview update causes taskbar crashes - Microsoft warned customers on Thursday that the May 2024 non-security preview update for Windows 11 is causing taskbar crashes and glitches. This month's KB5037853 optional update was released on Thursday, and it fixes multiple File Explorer problems ...
11 months ago Bleepingcomputer.com
CVE-2024-26853 - In the Linux kernel, the following vulnerability has been resolved: ...
1 year ago
Click Profit blocked by the FTC over alleged e-commerce scams - Click Profit is an online business paltform promoted on social media and through websites that claims to help consumers generate passive income by setting up and managing e-commerce stores on Amazon, Walmart, and other platforms. The US Federal Trade ...
2 months ago Bleepingcomputer.com
Securing Student Data in Cloud Services - In today's educational landscape, securing student data in cloud services is of utmost importance. One key aspect of securing student data in cloud services is ensuring proper data encryption. This article explores the various challenges and best ...
1 year ago Securityzap.com
Microsoft No Longer Selling Windows 10 Licenses Redirects to Windows 11 Product Pages - Marking an end to an era, Microsoft is no longer directly selling Windows 10 product keys on their website, instead redirecting users to Windows 11 product pages. This month, Microsoft began displaying an alert on their Windows 10 Home and Pro ...
2 years ago Bleepingcomputer.com
Accelerating Cloud-Native Data Security Deployments at Scale with Imperva's eDSF Kit - Elastic DSF is the vision of DSF. The first phase of this vision is creating automatic, click of a button processes to deploy and upgrade DSF with the introduction of Imperva eDSF Kit. eDSF Kit simplifies the product deployment, upgrades, and ongoing ...
1 year ago Imperva.com
CVE-2021-47036 - In the Linux kernel, the following vulnerability has been resolved: udp: skip L4 aggregation for UDP tunnel packets If NETIF_F_GRO_FRAGLIST or NETIF_F_GRO_UDP_FWD are enabled, and there are UDP tunnels available in the system, udp_gro_receive() could ...
1 year ago Tenable.com
CVE-2025-22059 - In the Linux kernel, the following vulnerability has been resolved: ...
1 month ago
Microsoft releases first Windows Server 2025 preview build - Microsoft has released Windows Server Insider Preview 26040, the first Windows Server 2025 build for admins enrolled in its Windows Insider program. This build is the first pushed for the next Windows Server Long-Term Servicing Channel Preview, which ...
1 year ago Bleepingcomputer.com
Windows 11 24H2 now rolling out, here are the new features - Version 24H2 is now also accessible via Windows Server Update Services (including Configuration Manager), Windows Update for Business, and the Microsoft 365 admin center. Microsoft suggests that businesses start targeted rollouts to ensure ...
7 months ago Bleepingcomputer.com
Microsoft pushes fix for Windows 11 update 0x80240069 errors - ​Microsoft has fixed a known issue preventing Windows 11 24H2 feature updates from being delivered via Windows Server Update Services (WSUS) after installing the April 2025 security updates. "Devices which have installed the April Windows ...
2 weeks ago Bleepingcomputer.com
Microsoft adds hotpatching support to Windows 11 Enterprise - If all prerequisites are met to receive hotpatch updates, you can enable or disable them by going to Devices > 'Windows updates'> 'Create Windows quality update policy' in the Microsoft Intune admin center to create a Windows quality update ...
1 month ago Bleepingcomputer.com
Microsoft: Windows 11 24H2 now ready to rollout to everyone - The Windows 11 2024 Update also rolled out to all eligible PCs running Windows 10 22H2 in late January 2025 as part of the broad deployment stage, less than a week after the company announced that it would start force-installing Windows 11 24H2 on ...
2 weeks ago Bleepingcomputer.com
Windows 11 January 2025 Preview Update Disconnects Remote Desktop Sessions - Microsoft’s January 2025 Windows preview update (KB5050094) for Windows 11 version 24H2 has caused significant issues with Remote Desktop Protocol (RDP) sessions, including Remote Desktop Services (RDS). The policy, named “Windows 11 24H2 ...
1 month ago Cybersecuritynews.com
CVE-2017-6627 - A vulnerability in the UDP processing code of Cisco IOS 15.1, 15.2, and 15.4 and IOS XE 3.14 through 3.18 could allow an unauthenticated, remote attacker to cause the input queue of an affected system to hold UDP packets, causing an interface queue ...
1 year ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)