HomeIntelligenceBrief
VULNERABILITY BRIEF🔴 Critical Vulnerability

Critical Remote Code Execution in Microsoft Windows Server (CVE‑2008‑4250) Added to CISA KEV Catalog – Broad Supply‑Chain Risk

CISA has added seven long‑standing Microsoft and Adobe vulnerabilities to its Known Exploited Vulnerabilities catalog, spotlighting active exploitation of CVE‑2008‑4250 (MS08‑067) and related flaws. Organizations that still rely on legacy Windows Server, Internet Explorer, DirectX, or Adobe Reader face heightened third‑party risk and must remediate or isolate these components.

LiveThreat™ Intelligence · 📅 May 22, 2026· 📰 securityaffairs.com
🔴
Severity
Critical
VU
Type
Vulnerability
🎯
Confidence
High
🏢
Affected
5 sector(s)
Actions
5 recommended
📰
Source
securityaffairs.com

Critical Remote Code Execution in Microsoft Windows Server (CVE‑2008‑4250) Added to CISA KEV Catalog – Broad Supply‑Chain Risk

What It Is – CISA has placed seven long‑standing Microsoft and Adobe flaws into its Known Exploited Vulnerabilities (KEV) catalog, highlighting that threat actors continue to weaponize these bugs. The most severe is CVE‑2008‑4250 (MS08‑067), a critical RCE buffer‑overflow in the Windows Server service that scores 9.8 CVSS v3.1.

Exploitability – All listed CVEs have publicly available exploit code and have been observed in the wild for years. CVE‑2008‑4250 is actively exploited via malicious RPC calls; the Adobe PDF flaw (CVE‑2009‑3459) is leveraged through crafted documents. No new patches are required for legacy OSes that are already out of support, but many legacy environments remain in use.

Affected Products

  • Microsoft Windows Server (XP, 2003, Vista, 2008) – CVE‑2008‑4250
  • Microsoft DirectX – CVE‑2009‑1537
  • Adobe Acrobat/Reader – CVE‑2009‑3459
  • Microsoft Internet Explorer – CVE‑2010‑0249, CVE‑2010‑0806
  • Microsoft Defender – CVE‑2026‑41091, CVE‑2026‑45498

TPRM Impact – Third‑party risk teams must treat any vendor that still runs these legacy components as a high‑severity supply‑chain exposure. Exploitation can lead to lateral movement, credential theft, and ransomware deployment across downstream customers.

Recommended Actions

  • Inventory all third‑party services and internal assets that still run the affected Windows versions, DirectX libraries, or Adobe Reader/Acrobat.
  • Segregate legacy systems on isolated network zones; enforce strict outbound filtering for RPC and SMB traffic.
  • Apply any available mitigations (e.g., MS08‑067 patch, Adobe Reader hardening, IE Enhanced Security Configuration) or replace legacy software with supported alternatives.
  • Update contractual security clauses to require vendors to retire or fully patch these components.
  • Monitor threat feeds for active exploit traffic targeting the listed CVEs and enable IDS/IPS signatures.

Source: Security Affairs – CISA adds Microsoft and Adobe flaws to KEV catalog

📰 Original Source
https://securityaffairs.com/192508/security/u-s-cisa-adds-microsoft-and-adobe-flaws-to-its-known-exploited-vulnerabilities-catalog.html

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.

From the Verisq platform · Trust Operations

Misconfigurations are control gaps in disguise.

Verisq AI Trust Operations turns findings like this into mapped controls with continuous evidence, keeping your audit readiness current instead of point-in-time.

Map your controls with Verisq AI Trust Operations →