1 article
CVE-2026-44815 in the Windows DHCP Client enables SYSTEM-level RCE via a rogue DHCP server on the same broadcast domain. DHCP Snooping (DHCP Guard) on enterprise switches is the primary compensating control while patching proceeds, but its effectiveness depends on consistent enforcement across all access-layer switches and correct handling of edge cases like DHCP relay configurations.