Adrian Johnson
TLDR:
Key Points:
- New PHP vulnerability (CVE-2024-4577) allows remote code execution on Windows servers.
- Security researchers have advised moving to more secure solutions like Mod-PHP or FastCGI.
Details have emerged about a new critical security flaw impacting PHP that could be exploited to achieve remote code execution under certain circumstances. The vulnerability, tracked as CVE-2024-4577, affects all versions of PHP installed on the Windows operating system. The vulnerability allows attackers to bypass protections put in place for another security flaw, CVE-2012-1823, through specific character sequences. A fix for the vulnerability has been made available in PHP versions 8.3.8, 8.2.20, and 8.1.29. Security researchers have warned that XAMPP installations on Windows are vulnerable by default when configured to use certain locales. They recommend moving away from PHP CGI to more secure solutions like Mod-PHP or FastCGI. Exploitation attempts of the vulnerability have already been detected, making it imperative for users to apply the latest patches quickly to prevent remote code execution on servers.
