"The reason for the change is a vulnerability registered as CVE-2026-0386. This flaw in WDS allows an attacker on the same network to execute unauthorized code. The problem arises because so-called answer files, including Unattend.xml, can be sent via an unsecured Remote Procedure Call channel. These files contain information used to automatically populate installations, such as configuration settings and sometimes credentials."
"When such data is sent via an unauthenticated connection, there is a risk that it could be intercepted by an attacker. According to Microsoft, this could lead to the theft of login credentials or even the remote execution of code on systems within the network. The company states in supporting documentation that support for automatic deployments via insecure communication channels will be removed by default."
"The measure is part of a broader security enhancement for Windows Deployment Services. Microsoft began the first phase of these changes back in January. During that period, system administrators were advised to block unauthenticated access to Unattend.xml files and disable automatic installations via a registry key. The next phase goes beyond mere recommendations."
Microsoft is phasing out Windows Deployment Services (WDS) combined with Unattend.xml files for automatic network-based Windows installations due to security vulnerabilities. The vulnerability CVE-2026-0386 allows attackers on the same network to execute unauthorized code by intercepting answer files sent through unsecured Remote Procedure Call channels. These files contain sensitive installation data including configuration settings and credentials. When transmitted via unauthenticated connections, attackers can intercept this data, potentially stealing login credentials or executing remote code. Microsoft began addressing this in January with recommendations to block unauthenticated access and disable automatic installations. The next phase completely disables unattended installation methods by default, forcing organizations to reconfigure systems or lose automatic deployment capabilities.
#windows-deployment-services #security-vulnerability #network-deployment #cve-2026-0386 #unattended-installation
Read at Techzine Global
Unable to calculate read time
Collection
[
|
...
]