Microsoft advises companies urgently patch wormable critical Windows Server RCE

Home » Microsoft

Reading time icon 1 min. read

Calendar icon Published on

by Surur Davids 

published on

Share this article

Readers help support MSpoweruser. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help MSPoweruser sustain the editorial team Read more

exploit hack

Microsoft has quietly released a patch for a serious easily exploitable remote code exploit for Windows desktop and Server, including the latest Windows 11 and Windows Server 2022.

The exploit is in HTTP Protocol Stack (HTTP.sys) and can be exploited merely by sending a specially crafted packet to a targeted server utilizing the HTTP Protocol Stack (http.sys) to process packets. Attackers do not even need to be authenticated.

Luckily no proof of concept code for CVE-2022-21907 has been released yet, and there is no known exploit in the wild.

There is also mitigation available.

In Windows Server 2019 and Windows 10 version 1809, the HTTP Trailer Support feature that contains the vulnerability is not active by default. The following registry key must be configured to introduce the vulnerable condition:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters\

"EnableTrailerSupport"=dword:00000001

This mitigation does not apply to the other affected versions.

Nevertheless, Microsoft suggests IT staff prioritize the patching of affected servers.

Read more about the issue at Microsoft here.

via BleepingComputer

More about the topics: microsoft, security

Surur Davids

Surur Davids Shield

Smartphone Expert

Surur Davids is the founder of WMPoweruser which later became MSPoweruser.com. He's a smartphone expert with over a decade of experience.

Leave a Reply

Your email address will not be published. Required fields are marked *