Developers have been using PHP on Windows Servers for decades.
Judging by its popularity, PHP is considered secure to run on a Windows Server or other infrastructure.
This vulnerability is currently tracked as CVE-2024-4577 and is described as a CGI argument injection vulnerability.
Within 24 hours of public exposure to this vulnerability, several attacks were made against PHP servers in Egypt.
More importantly, the CVE-2024-4577 vulnerability can affect all versions of PHP installed on Windows.
PHP has asked everyone to update their web server PHPs to the latest version.
According to a security expert namedOrange Tsai, the Best-Fit feature on Windows is responsible for the vulnerability.
They added that the Best-Fit feature causing the vulnerability could cause further issues.
The DEVCORE team added that the PHP team overlooked the encoding conversion system within the Windows operating system.
This lack of encoding has allowed attackers to get into the server arbitrarily.
It could also cause a denial-of-service attack and run arbitrary code on the web server.
It has also been noticed that some locale versions of PHP are more vulnerable to this issue.
you might refer to the full mitigation document from DEVCOREhere.
source: www.techworm.net
