#WindowsServers

Ransomware Group Exploits PHP Vulnerability Days After Disclosure

June 12, 2024 by Xynik

June 12, 2024 at 05:06AM Cybersecurity firm Imperva reports the exploitation of a recent PHP vulnerability, CVE-2024-4577, in ransomware attacks just days after its public disclosure. The bug impacts Windows servers using Apache and PHP-CGI and was addressed with the release of PHP versions 8.1.29, 8.2.20, and 8.3.8. The TellYouThePass ransomware gang was observed exploiting … Read more

PHP fixes critical RCE flaw impacting all versions for Windows

June 7, 2024 by Xynik

June 7, 2024 at 10:39AM A new PHP RCE vulnerability, CVE-2024-4577, impacts Windows PHP versions since 5.x. With a patch released, updating large-scale deployments poses challenges, leaving systems vulnerable. Exploiting ‘Best-Fit’ encoding on Windows, it bypasses prior protections. Mitigations include upgrading to patched versions, applying mod_rewrite rules, or migrating from CGI to FastCGI, PHP-FPM, or … Read more