Critical RCE Vulnerability In Windows PHP Fixed

A new remote code execution (RCE) vulnerability in PHP for Windows has been disclosed, affecting all versions since 5.x and potentially millions of servers worldwide. PHP, an open-source scripting language used for web development on Windows and Linux servers, has a new flaw, CVE-2024-4577, discovered by Devcore's Orange Tsai on May 7, 2024. The PHP team released a patch yesterday. However, updating such a widely deployed project is complex, leaving many systems vulnerable for some time. When critical vulnerabilities are disclosed, threat actors quickly start searching for unpatched systems. Read more...

Read More

Got Something To Say?

Your email address will not be published.