Microsoft advises companies urgently patch wormable critical Windows Server RCE

by Surur
January 11, 2022
exploit hack

Is Copilot the best AI companion out there? Help us find out by answering a couple of quick questions!

Microsoft has quietly released a patch for a serious easily exploitable remote code exploit for Windows desktop and Server, including the latest Windows 11 and Windows Server 2022.

The exploit is in HTTP Protocol Stack (HTTP.sys) and can be exploited merely by sending a specially crafted packet to a targeted server utilizing the HTTP Protocol Stack (http.sys) to process packets. Attackers do not even need to be authenticated.

Luckily no proof of concept code for CVE-2022-21907 has been released yet, and there is no known exploit in the wild.

There is also mitigation available.

In Windows Server 2019 and Windows 10 version 1809, the HTTP Trailer Support feature that contains the vulnerability is not active by default. The following registry key must be configured to introduce the vulnerable condition:



This mitigation does not apply to the other affected versions.

Nevertheless, Microsoft suggests IT staff prioritize the patching of affected servers.

Read more about the issue at Microsoft here.

via BleepingComputer

Leave a Reply

Your email address will not be published. Required fields are marked

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}