Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11Warning: Vulnerability in Windows' HTTP Protocol Stack attacks remote code execution, no authentication required
This means that information systems that have not been updated are very vulnerable to exploitation and attack.
Vulnerability CVE-2022-21907 in Windows' HTTP Protocol Stack (http.sys) allows attackers to execute code remotely without authentication. This vulnerability severely affects Windows Server 2019 and Windows 10 version 1809 with a CVSS score of 9.8.
To avoid the risk of being attacked, the NCSC recommends that agencies and organizations soon review and identify potentially affected Windows operating systems and update the patch immediately.
In the event that the patch is not available, the units can take an alternative remedy by 'Deleting the DWORD registry value 'EnableTrailerSupport' in HKEY_LOCAL_MACHINE/System/CurrentControlSet/Services/HTTP/Parameters'. However, this measure only applies to Windows Server 2019, Windows 10, version 1809, not Windows 20H2 or later.
In January, Microsoft released an update that patched 96 security holes. According to the NCSC, there are 11 high-impact and critical vulnerabilities that need attention. In addition to the above CVE-2022-21907 include:
- 3 security holes CVE-2022-21846, CVE-2022-21969, CVE-2022-21855 in Microsoft Exchange Server, allowing attackers to execute code remotely.
- Vulnerability CVE-2022-21857 in Active Directory allows objects to elevate privileges.
- Vulnerability CVE-2022-21840 in Microsoft Office, allows attackers to execute code remotely.
- Vulnerability CVE-2022-21911 in the .NET Framework, allowing attackers to perform denial of service attacks.
- Vulnerability CVE-2022-21836 in Windows Certificate, allowing attackers to spoof.
- Vulnerability CVE-2022-21841 in Microsoft Excel, allows attackers to execute code remotely.
- Vulnerability CVE-2022-21837 in Microsoft SharePoint Server, allows attackers to execute code remotely.
- Vulnerability CVE-2022-21842 in Microsoft Word, allows attackers to execute code remotely.
Jessica TannerYou should read it
May be interested
- Microsoft warns of Windows BlueKeep attacks
bluekeep is an unauthenticated remote code execution flaw that affects most commonly used microsoft products. - VMware patches RCE Spring4Shell vulnerability on a wide range of productsvmware has released a number of security updates to patch remote code execution for a dangerous vulnerability called spring4shell in the company's virtual machine and cloud products.
- The NSA issued an urgent warning about a critical vulnerability appearing in Windows serversthis is a vulnerability that exists in the cryptographic authentication scheme used by the netlogon remote protocol.
- Warning of dangerous Spring4Shell vulnerability, there are signs of scanning and exploitingspring has just released an urgent update to patch the spring4shell remote code execution zero-day vulnerability. information about this vulnerability was leaked on the internet before the patch was released.
- Critical error on Apache Struts2 allows hackers to take over the web servernew researchers have discovered a remote code execution flaw in the apache struts open source web application framework, allowing an attacker to run malicious code on the server.
- The CredSSP vulnerability in the RDP protocol affects all versions of Windowsa serious vulnerability just found on the credssp protocol affects all versions of windows, allowing attackers to exploit rdp and winrm to steal data or run malicious code.
- Google urged Chrome users to update the new version immediately to fix the vulnerabilityimmediately after reading this article, you must remember to update your google chrome immediately to the latest version!
- Security in HTTPhttp is used for communication over the internet, so application programmers, information providers, and users should be aware of the protection limitations in http / 1.1.
- Google releases an urgent update for Chrome, users should update immediatelygoogle has rolled out emergency updates for chrome users on both windows, macos and linux to patch a critical flaw.
- Stack Overflow hits the hacker face, no significant damage is recordedin a brief report released earlier today, stack overflow has reportedly recorded an attack that led hackers to successfully access their production systems.
Attack the network
- Discovered new ransomware called White Rabbit, related to the notorious FIN8 hacker group
- Microsoft issued a warning about macOS security errors, urging users to update the software immediately
- The Gupteba botnet that infected 1 million Windows computers has just been taken down by Google
- Dangerous malicious code, capable of self-mutating, attacking the vaccine manufacturing industry
- Detected malicious attack campaign targeting TikTok, threatening to delete accounts of many celebrities
- AMD admits that its new driver update packages for Windows are becoming a 'shooting target' of hackers
Discovered new ransomware called White Rabbit, related to the notorious FIN8 hacker group
Microsoft issued a warning about macOS security errors, urging users to update the software immediately
The Gupteba botnet that infected 1 million Windows computers has just been taken down by Google
Dangerous malicious code, capable of self-mutating, attacking the vaccine manufacturing industry
Detected malicious attack campaign targeting TikTok, threatening to delete accounts of many celebrities
AMD admits that its new driver update packages for Windows are becoming a 'shooting target' of hackers