
Word
"These bugs are particularly impactful"
That word makes me want to go completely postal.
It's the second Tuesday of the month, and you know what that means: a fresh dump of security fixes from Microsoft, Adobe and others. The March edition of Patch Tuesday includes fixes for 64 CVE-listed vulnerabilities, while Adobe addressed a pair of bugs in Photoshop and Digital Editions. Even SAP has got in on the game. You …
A couple of years ago I saw Netgear WiFi devices with issues when the DHCP answer was too long for the open source library they used to handle DHCP - and still the answer was fully compliant, albeit with some less common options.
I didn't have time to investigate if they could have been compromised. Just sent them back and replaced them with something better.
Guess they too had issues with the new and unproven DHCP protocol....
First, there are the trio of CVE-2019-0697, CVE-2019-0698, and CVE-2019-0726, all covering holes present in the DHCP server component for Windows. Each of the flaws would potentially allow an attacker on the local network to achieve remote code execution on a targeted machine simply by sending a malformed DHCP network packet.
I'd swear I've seen this before ... and in an article on El Reg no less ...
Doesn't M$ learn?
"Microsoft's DHCP is fundamentally broken and access to a Microsoft DHCP server requires a suitable CAL for every device."
They just fixed it though. And MS DHCP Server has built-in features like cross-location active-active clustering that are way more painful to implement using anything else.
nb - CALs are also needed if like most companies you use Windows Server for DNS!
yeah but from what the article said about every device having a DHCP client, it ALMOST sounded like the DHCP CLIENT was vulnerable...
But I remember an earlier article about the server flaw, and I'm sure I snarked all over that.
I agree with the 'just say no'. The MShaft DHCP server is WORTHLESS. I just use bind for DNS with isc-dhcpd on a Linux or FreeBSD box. It has worked for me for nearly 2 decades, and was relatively painless to set up with a short RTFM session.
"I agree with the 'just say no'. The MShaft DHCP server is WORTHLESS. I just use bind for DNS with isc-dhcpd on a Linux or FreeBSD box. It has worked for me for nearly 2 decades, and was relatively painless to set up with a short RTFM session."
Thanks for:
1) commenting so eloquently on something you demonstrably know nothing about
2) firing out the 'it's worked for me for 20 years, it must be fine' classic
3) taking the time to do both in a public IT forum
Brightened up my day.
TFTP (Trivial/Telephone File Transfer Protocol) is a very insecure protocol from the depths of time, the only valid (back then) use I have come across for it was to download telephone configurations into early 'smart' handsets. Most servers shouldn't be running a TFTP service at all, no authentication. Ironically I only came across it again a couple of years ago when a young developer found this 'new' file transfer process which was easier to use and didn't rely on passwords. Needless to say he received a bit of mentoring on security by design rather than obfuscation and relying on the fact nobody would be looking for the huge security hole he had just introduced into my infrastructure.
I think you need it for pxe. Super-handy for installing winders, just boot a super-basic windows image over tftp, net use a location with Windows installs and run setup. The only crappy part is making sure the basic windows has the right network drivers. That and the part where you are using Windows.
"TFTP (Trivial/Telephone File Transfer Protocol) is a very insecure protocol from the depths of time"
Yup. The _only_ secure way to use it is only to enable the service when you need it, only for long enough to do exactly what you need to do and double-check that nothing snuck in whilst you had it enabled.
(If anything needs it for booting then it needs to be in its OWN isolated VLAN along with the TFTP server, and the server end needs to be locked down enough so that access is read-only)