🟠 High  |  Source: Microsoft Security Response Center


CVE-2026-56159 is a Remote Code Execution (RCE) vulnerability affecting the Windows DHCP Server Service, disclosed by Microsoft. If exploited, an attacker could execute arbitrary code on the affected server, potentially gaining significant control over network infrastructure. This update adds acknowledgements to the advisory and contains no new technical or patch information.

Security Architect’s Take: Verify that any Windows DHCP Server instances running in Azure or hybrid environments have the relevant patch applied. This update is informational only, so if you have already addressed CVE-2026-56159, no further action is required — but use this as a prompt to audit DHCP server exposure and ensure the service is not reachable from untrusted network segments.

Original advisory: CVE-2026-56159 DHCP Server Service Remote Code Execution Vulnerability