Network Time Foundation releases NTP 4.2.8p9 with 40 security patches, bug fixes, and improvements. Security researcher Magnus Stubman has released a proof-of-concept exploit for a critical vulnerability in the Network Time Protocol (ntpd) that could allow anyone to crash a server with just a single maliciously crafted packet. NTP got the most attention in late 2014 and 2015 when hackers used it to launch highly amplified DDoS attacks against services including League of Legends, EA.com, and Battle.net.
Source: https://thehackernews.com/2016/11/ntp-server-vulnerability.html