Zero Day MonitorZDM

← Back to list

8.1

CVE-2026-42987EXPLOITEDPATCHED

Microsoft · Windows Server 2012

Windows Deployment Services (WDS) Remote Code Execution

Description

Use after free in Windows Deployment Services allows an unauthorized attacker to execute code over a network.

Affected Products

Vendor	Product	Versions
Microsoft	Windows Server 2012	6.2.9200.0, 6.2.9200.0, 6.3.9600.0, 6.3.9600.0, 10.0.14393.0, 10.0.14393.0, 10.0.17763.0, 10.0.17763.0, 10.0.20348.0, 10.0.26100.0, 10.0.26100.0

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
microsoft	windows server 2016 (server core installation)	mitre_affected	90%
microsoft	windows	mitre_affected	90%
microsoft	windows server 2019 (server core installation)	mitre_affected	90%
microsoft	windows server 2012 (server core installation)	mitre_affected	90%
microsoft	windows server 2025 (server core installation)	mitre_affected	90%

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42987(vendor-advisory, patch)

Related News (4 articles)

Tier C

Cisco Talos1h ago

Microsoft Patch Tuesday for June 2026 — Snort rules and prominent vulnerabilities

→ No new info (linked only)

Tier C

Qualys Blog1h ago

Microsoft and Adobe Patch Tuesday, June 2026 Security Update Review

→ No new info (linked only)

Tier C

VulDB5h ago

CVE-2026-42987 | Microsoft Windows Server 2012 up to Server 2022 Deployment Services use after free

→ No new info (linked only)

Tier A

Microsoft MSRC8h ago

CVE-2026-42987 Windows Deployment Services (WDS) Remote Code Execution

→ No new info (linked only)

CVSS 3.18.1 HIGH

VectorCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

6.2.9200.261326.3.9600.2322810.0.14393.923410.0.17763.888010.0.20348.525610.0.26100.32995

CWECWE-416

PublishedJun 9, 2026

Last enriched5h agov2

Tags

Remote Code Execution

Trending Score71

Source articles4

Independent4

Info Completeness9/14

Missing: title, epss, kev, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

HIGHCVE-2026-41091EXPKEV

Microsoft Defender Elevation of Privilege Vulnerability

HIGHCVE-2026-33825EXPKEV

Microsoft Defender Elevation of Privilege Vulnerability

MEDIUMCVE-2026-45498EXPKEV

Microsoft Defender Denial of Service Vulnerability

CRITICALCVE-2026-41089EXPKEV

Windows Netlogon Remote Code Execution Vulnerability

MEDIUMCVE-2026-45585EXP

Windows BitLocker Security Feature Bypass Vulnerability

Pin to Dashboard

Verification

State: verified

Confidence: 0%

Vulnerability Timeline

CVE Published

Jun 9, 2026

Discovered by ZDM

Jun 9, 2026

Updated: description, exploitAvailable, activelyExploited, tags

Jun 9, 2026

Actively Exploited

Jun 9, 2026

Exploit Available

Jun 9, 2026

Patch Available

Jun 9, 2026

Version History

v2

Last enriched 5h ago

v2Tier A5h ago

Added a detailed description of the vulnerability and marked it as actively exploited with an available exploit.

descriptionexploitAvailableactivelyExploitedtags

via Microsoft MSRC

v15h ago

Initial creation