Warning: Vulnerability in Windows' HTTP Protocol Stack allows remote code execution, no authentication required
This means that information systems that have not been updated are very vulnerable to exploitation and attack.
Vulnerability CVE-2022-21907 in Windows' HTTP Protocol Stack (http.sys) allows attackers to execute code remotely without authentication. This vulnerability severely affects Windows Server 2019 and Windows 10 version 1809 with a CVSS score of 9.8.
To avoid the risk of being attacked, the NCSC recommends that agencies and organizations promptly review and identify potentially affected Windows operating systems and apply the patch immediately.
In the event that the patch is not available, organizations can apply an alternative mitigation: delete the DWORD registry value 'EnableTrailerSupport' under HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters. However, this measure applies only to Windows Server 2019 and Windows 10 version 1809, not to Windows 20H2 or later.
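The registry workaround above can be checked and applied with a short script. This is an added example, not code from the NCSC or Microsoft; the -Remediate switch name is hypothetical, and the script assumes that build 17763 (the build number shared by Windows Server 2019 and Windows 10 version 1809) identifies the systems the workaround covers.

```powershell
# Added example: audit, and optionally apply, the EnableTrailerSupport workaround.
# Run from an elevated PowerShell session; supports -WhatIf for a dry run.
[CmdletBinding(SupportsShouldProcess = $true)]
param(
    [switch]$Remediate   # hypothetical switch name: delete the value when it is present
)

$httpParams  = 'HKLM:\System\CurrentControlSet\Services\HTTP\Parameters'
$valueName   = 'EnableTrailerSupport'
$targetBuild = 17763     # assumption: Windows Server 2019 / Windows 10 version 1809

# The workaround only applies to build 17763; other builds need the security update.
$osKey = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
$build = [int](Get-ItemProperty -Path $osKey).CurrentBuildNumber
if ($build -ne $targetBuild) {
    Write-Output "Build ${build}: the registry workaround does not apply; install the security update."
    return
}

# Look for the DWORD value; a missing value (or key) means there is nothing to delete.
$prop = Get-ItemProperty -Path $httpParams -Name $valueName -ErrorAction SilentlyContinue
if ($null -eq $prop) {
    Write-Output "$valueName is not present under $httpParams; nothing to delete."
    return
}

Write-Output "$valueName is present (value: $($prop.$valueName))."
if ($Remediate) {
    if ($PSCmdlet.ShouldProcess("$httpParams\$valueName", 'Delete registry value')) {
        Remove-ItemProperty -Path $httpParams -Name $valueName -ErrorAction Stop
        Write-Output "$valueName deleted."
    }
} else {
    Write-Output 'Run again with -Remediate to delete it, or install the security update.'
}
```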
In January, Microsoft released an update that patched 96 security holes. According to the NCSC, 11 of them are high-impact and critical vulnerabilities that need attention. In addition to CVE-2022-21907 above, they include:
- 3 security holes, CVE-2022-21846, CVE-2022-21969 and CVE-2022-21855, in Microsoft Exchange Server, allowing attackers to execute code remotely.
- Vulnerability CVE-2022-21857 in Active Directory, allowing attackers to elevate privileges.
- Vulnerability CVE-2022-21840 in Microsoft Office, allowing attackers to execute code remotely.
- Vulnerability CVE-2022-21911 in the .NET Framework, allowing attackers to perform denial-of-service attacks.
- Vulnerability CVE-2022-21836 in Windows Certificate, allowing attackers to carry out spoofing attacks.
- Vulnerability CVE-2022-21841 in Microsoft Excel, allowing attackers to execute code remotely.
- Vulnerability CVE-2022-21837 in Microsoft SharePoint Server, allowing attackers to execute code remotely.
- Vulnerability CVE-2022-21842 in Microsoft Word, allowing attackers to execute code remotely.