Use After Free in Windows Deployment Services

Publication date: 2026-06-09

Last updated on: 2026-06-11

Assigner: Microsoft Corporation

Description

Use after free in Windows Deployment Services allows an unauthorized attacker to execute code over a network.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published

2026-06-09

Last Modified

2026-06-11

Generated

2026-06-30

AI Q&A

2026-06-09

EPSS Evaluated

2026-06-28

NVD

CVE-2026-42987

EUVD

EUVD-2026-35757

Affected Vendors & Products

Vendor	Product	Version / Range
microsoft	windows_server_2012	r2
microsoft	windows_server_2012	*
microsoft	windows_server_2016	to 10.0.14393.9234 (exc)
microsoft	windows_server_2019	to 10.0.17763.8880 (exc)
microsoft	windows_server_2022	to 10.0.20348.5256 (exc)
microsoft	windows_server_2025	to 10.0.26100.32995 (exc)

Helpful Resources

Exploitability

CWE

KEV

CWE ID	Description
CWE-416	The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

Attack-Flow Graph

Executive Summary

This vulnerability is a use after free issue in Windows Deployment Services. It allows an unauthorized attacker to execute code remotely over a network.

Impact Analysis

The vulnerability can lead to remote code execution by an unauthorized attacker, which means the attacker could potentially take control of the affected system, leading to severe impacts such as data loss, system compromise, or disruption of services.

Hi! I’m here to help you understand CVE-2026-42987. Ask me anything about the vulnerability, its impact, or mitigation strategies.

0/70