Warning: Vulnerability in Windows' HTTP Protocol Stack allows remote code execution, no authentication required
This means that information systems that have not been updated are very vulnerable to exploitation and attack.
Vulnerability CVE-2022-21907 in Windows' HTTP Protocol Stack (http.sys) allows attackers to execute code remotely without authentication. The vulnerability has a CVSS score of 9.8 and severely affects Windows Server 2019 and Windows 10 version 1809.
To avoid the risk of being attacked, the NCSC recommends that agencies and organizations promptly review their systems, identify potentially affected Windows operating systems and apply the patch immediately.
If the patch cannot be applied, organizations can use an alternative remedy: delete the DWORD registry value 'EnableTrailerSupport' under HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters. However, this measure applies only to Windows Server 2019 and Windows 10 version 1809, not to Windows 20H2 or later.
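The registry workaround described above can be checked and applied with a short PowerShell script. This is an added example, not code from the NCSC or Microsoft; the `-Remove` switch is a hypothetical parameter of this script, and the build number 17763 used to recognise Windows Server 2019 and Windows 10 version 1809 is supplied here rather than taken from the article.

```powershell
# Added example: audit (and optionally delete) the EnableTrailerSupport value.
# -Remove is a parameter of this example script only (hypothetical name).
param([switch]$Remove)

$path = 'HKLM:\System\CurrentControlSet\Services\HTTP\Parameters'
$name = 'EnableTrailerSupport'

# Build 17763 is Windows Server 2019 / Windows 10 version 1809, the only
# releases the workaround covers; every other release needs the update itself.
$build = [System.Environment]::OSVersion.Version.Build
if ($build -ne 17763) {
    Write-Warning "Build $build is not 1809/Server 2019: the registry workaround does not apply, install the update."
    return
}

# Get-ItemProperty returns $null (with the error suppressed) when the value is absent.
$props = Get-ItemProperty -Path $path -Name $name -ErrorAction SilentlyContinue
if ($null -eq $props) {
    Write-Output "$name is not present under $path; nothing to remove."
    return
}

Write-Output "$name is present (value: $($props.$name))."
if ($Remove) {
    # Requires an elevated session; -ErrorAction Stop surfaces access-denied errors.
    Remove-ItemProperty -Path $path -Name $name -ErrorAction Stop
    Write-Output "$name removed."
} else {
    Write-Output "Audit only. Re-run with -Remove from an elevated prompt to delete the value."
}
```

Run without arguments, the script only reports; deleting the value is an interim measure and does not replace installing the patch.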
In January, Microsoft released an update that patched 96 security holes. According to the NCSC, 11 of them are high-impact or critical vulnerabilities that need attention. In addition to CVE-2022-21907 above, these include:
- Three vulnerabilities, CVE-2022-21846, CVE-2022-21969 and CVE-2022-21855, in Microsoft Exchange Server, which allow attackers to execute code remotely.
- Vulnerability CVE-2022-21857 in Active Directory, which allows objects to elevate privileges.
- Vulnerability CVE-2022-21840 in Microsoft Office, which allows attackers to execute code remotely.
- Vulnerability CVE-2022-21911 in the .NET Framework, which allows attackers to perform denial-of-service attacks.
- Vulnerability CVE-2022-21836 in Windows Certificate, which allows attackers to spoof.
- Vulnerability CVE-2022-21841 in Microsoft Excel, which allows attackers to execute code remotely.
- Vulnerability CVE-2022-21837 in Microsoft SharePoint Server, which allows attackers to execute code remotely.
- Vulnerability CVE-2022-21842 in Microsoft Word, which allows attackers to execute code remotely.