Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11Exploit code released puts Windows 10 20H2 and Windows Server 20H2 at risk
Vulnerability CVE-2021-3166 was first discovered in the HTTP Protocol Stack (HTTP.sys) used by the Windows Internet Information Services (IIS) web server as the protocol handler for handling HTTP requests.
However, to exploit this vulnerability, an attacker would have to send a special packet to servers that still use the vulnerable HTTP Protocol Stack to process the packets. Thankfully, however, Microsoft recently patched this vulnerability as part of its recent Patch Tuesday update, so the vulnerability only affects Windows 10 20H2 and Windows Server 20H2.
Because this bug could allow an unauthenticated attacker to remotely execute arbitrary code, Microsoft recommends that organizations patch all affected servers as soon as possible.
Security researcher Alex Souchet has released a PoC that lacks auto-spreading to show how an attacker can leverage CVE-2021-3166 to carry out attacks on Windows 10 systems and servers. vulnerable to attack.
By abusing the use-after-free vulnerability in HTTP.sys, Souchet's exploit could trigger a denial of service (DoS) attack leading to a blue screen of death (BSoD) on vulnerable systems. public.
While releasing a PoC exploit for this vulnerability may make it easier for cybercriminals to develop their own exploits, the fact is that the vulnerability was patched and released by Microsoft during the Windows Update. 10, which means most systems are safe from attacks.
However, if you haven't installed the latest Windows 10 update from Microsoft, now is the time to do so to avoid falling victim to any potential attacks that take advantage of this vulnerability.
Micah SotoYou should read it
- Windows 10 20H2: The first information is revealed
- Top 10 cool features on Windows 10 20H2
- Microsoft confirms Windows 10 20H2 has a blue screen error and restarts by itself
- How to download and create a Windows 10 October 2020 Update 20H2 installer by USB
- Microsoft issues an urgent warning to users of Windows 10 versions 1909 and 20H2
- Microsoft released the Windows 10 Iron 21H1 update on the Windows Insider Program
- 4 How to Update Windows 10 October 2020 Update
- Microsoft releases update KB4580364, which resolves crashes on Windows 10
May be interested
- How to download Windows 10 20H2 Insider version
you want to download windows 10 20h2 insider - windows version 2004 and codename manganese but don't know how to download, so please refer to the instructions in the article below. - Find bug in Emotet malware, prevent it from spreading for 6 monthsaccording to researcher james quinn of the security firm binary defense, like other software, malicious code also has vulnerabilities, error codes. hackers can exploit software vulnerabilities to cause harm, security experts can also decompile the source code of malicious code to find the vulnerability to exploit and defeat the malicious code.
- Microsoft launched Windows Server 2012 operating systemon september 5, the associated press reported, microsoft corp. has released windows server 2012 operating system, marking the first time they have released an important update for server platforms since 2009.
- Windows 7 is equipped with SHA-2 Support, which supports future updatesan update released by microsoft yesterday 12/3 has integrated sha-2 signing support for windows 7 sp1 and windows server 2008 r2 sp1.
- Efficiently exploit printers in Windows Server 2003 (Part 2)in part 1 of this article, i have shown you how to configure single printers to manage managed printers on a server running windows server 2.
- How to download and create a Windows 10 October 2020 Update 20H2 installer by USBso, after many trial versions, recently microsoft has officially sent windows 10 users the next big update. i will show you how to download and create windows 10 october 2020 update 20h2 installer using usb
- Microsoft stopped supporting Windows Server 2003 in the middle of next yearan estimated 39% of microsoft server operating systems are running version 2003. the suspension of support for this operating system creates a security risk.
- New update of Windows Server causes many serious errorsrecently, microsoft released updates kb5009555 for windows server 2012 r2, kb5009557 for windows server 2019, and kb5009555 for windows server 2022. these updates are part of the january 2022 patch tuesday updates.
- Microsoft issues an urgent warning to users of Windows 10 versions 1909 and 20H2microsoft has just issued an urgent warning to any windows 10 users who are still running versions 1909 or 20h2.
- Use IIS to set up FTP Server on Windowsset up an ftp server (file transfer protocol server) to share and convert large files with unlimited traffic.
Security solution
- Google Chrome uses Windows 10's new security feature to combat exploits
- Windows users need to update this software immediately
- Warning: This seemingly harmless message contains malware that threatens millions of Android users
- 5 common password-setting errors should be avoided
- Warning of zero-day vulnerabilities in window manager on PC
- What is Adaptive Security?
Google Chrome uses Windows 10's new security feature to combat exploits
Windows users need to update this software immediately
Warning: This seemingly harmless message contains malware that threatens millions of Android users
5 common password-setting errors should be avoided
Warning of zero-day vulnerabilities in window manager on PC
What is Adaptive Security?