PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-42987 Microsoft CVE debrief

CVE-2026-42987 is a HIGH severity vulnerability in Windows Deployment Services that allows an unauthorized attacker to execute code over a network. The vulnerability has a CVSS score of 8.1 and was published on 2026-06-09T17:17:14.853Z. The vulnerability was modified on 2026-06-11T15:46:16.010Z. The affected products include Microsoft Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows Server 2019, Windows Server 2022, and Windows Server 2025.

Vendor
Microsoft
Product
Windows Server 2012
CVSS
HIGH 8.1
CISA KEV
Not listed in stored evidence
Original CVE published
2026-06-09
Original CVE updated
2026-06-11
Advisory published
2026-06-09
Advisory updated
2026-06-11

Who should care

Administrators and users of Microsoft Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows Server 2019, Windows Server 2022, and Windows Server 2025 should be aware of this vulnerability and take necessary actions to mitigate it.

Technical summary

The vulnerability is a use-after-free vulnerability in Windows Deployment Services that allows an unauthorized attacker to execute code over a network. The vulnerability has been assigned a CVSS score of 8.1 and is considered HIGH severity.

Defensive priority

HIGH

Recommended defensive actions

  • Apply the necessary patches and updates to mitigate the vulnerability. Refer to [ref-4](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42987) for more information.

Evidence notes

The vulnerability is a use-after-free vulnerability in Windows Deployment Services. The affected products include Microsoft Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows Server 2019, Windows Server 2022, and Windows Server 2025.

Official resources

CVE-2026-42987 was published on 2026-06-09T17:17:14.853Z and modified on 2026-06-11T15:46:16.010Z.