Warning: Vulnerability in Windows' HTTP Protocol Stack allows remote code execution, no authentication required
Recently, the NCSC Cybersecurity Monitoring Center recorded exploit code for the critical security vulnerability CVE-2022-21907 in Windows' HTTP Protocol Stack.
This means that information systems that have not been updated are very vulnerable to exploitation and attack.
Vulnerability CVE-2022-21907 in Windows' HTTP Protocol Stack (http.sys) allows attackers to execute code remotely without authentication. This vulnerability severely affects Windows Server 2019 and Windows 10 version 1809 with a CVSS score of 9.8.
To avoid the risk of being attacked, the NCSC recommends that agencies and organizations promptly review and identify potentially affected Windows operating systems and apply the patch immediately.
If the patch is not available, units can use an alternative remedy: delete the DWORD registry value 'EnableTrailerSupport' under HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters. However, this measure applies only to Windows Server 2019 and Windows 10 version 1809, not to Windows 20H2 or later.
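The registry workaround described above, as an added PowerShell example (not code from the NCSC or Microsoft). The function name is hypothetical, and using build 17763 to identify Windows Server 2019 / Windows 10 version 1809 is an assumption of this example.

```powershell
# Added example: audit and remove the EnableTrailerSupport value named in the advisory.
# Run from an elevated PowerShell session. The function name is hypothetical.
function Remove-HttpTrailerSupport {
    [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Medium')]
    param()

    $key  = 'HKLM:\System\CurrentControlSet\Services\HTTP\Parameters'
    $name = 'EnableTrailerSupport'

    # Assumption: build 17763 = Windows Server 2019 / Windows 10 version 1809,
    # the only releases the workaround applies to according to the text above.
    $build = [System.Environment]::OSVersion.Version.Build
    if ($build -ne 17763) {
        Write-Warning "Build ${build}: the registry workaround does not apply here; install the patch."
        return
    }

    # A missing key or missing value both come back as $null.
    $item = Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue
    if ($null -eq $item) {
        Write-Output "$name is not present under $key; nothing to remove."
        return
    }

    Write-Output ("{0} is present (value {1})." -f $name, $item.$name)
    if ($PSCmdlet.ShouldProcess("$key\$name", 'Remove registry value')) {
        Remove-ItemProperty -Path $key -Name $name -ErrorAction Stop

        # Re-read the key to confirm the value is gone.
        $after = Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue
        if ($null -eq $after) { Write-Output "$name removed." }
        else { Write-Error "$name is still present after removal." }
    }
}

# Dry run first; drop -WhatIf to apply the change.
Remove-HttpTrailerSupport -WhatIf
```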
In January, Microsoft released an update that patched 96 security holes. According to the NCSC, there are 11 high-impact and critical vulnerabilities that need attention. In addition to CVE-2022-21907 above, they include:
- 3 security holes CVE-2022-21846, CVE-2022-21969, CVE-2022-21855 in Microsoft Exchange Server, allowing attackers to execute code remotely.
- Vulnerability CVE-2022-21857 in Active Directory allows objects to elevate privileges.
- Vulnerability CVE-2022-21840 in Microsoft Office, allows attackers to execute code remotely.
- Vulnerability CVE-2022-21911 in the .NET Framework, allowing attackers to perform denial of service attacks.
- Vulnerability CVE-2022-21836 in Windows Certificate, allowing attackers to spoof.
- Vulnerability CVE-2022-21841 in Microsoft Excel, allows attackers to execute code remotely.
- Vulnerability CVE-2022-21837 in Microsoft SharePoint Server, allows attackers to execute code remotely.
- Vulnerability CVE-2022-21842 in Microsoft Word, allows attackers to execute code remotely.