At this month’s Patch Tuesday, Microsoft patched a critical bug affecting the two latest Windows versions, Windows 11 and Windows Server 2022.
The bug is described as wormable and was found in the HTTP Protocol Stack, the protocol listener that processes HTTP requests. The company said an attacker can craft a malicious packet and send it to a vulnerable system to trigger the bug, and successful exploitation lets them execute arbitrary code.
Bug in Latest Windows Versions
Software containing bugs is now commonplace. Since that has become routine, what matters is how quickly the vendor responds with a patch, and Microsoft is fairly good at it. The latest one the company has patched is CVE-2022-21907, a wormable bug found in Windows 11 and Windows Server 2022.
The bug was found in the HTTP Protocol Stack (HTTP.sys), the protocol listener used by Windows Internet Information Services (IIS) web servers to process HTTP requests. Microsoft said a threat actor can exploit it by sending a maliciously crafted packet to a targeted Windows server.
The vulnerable HTTP Protocol Stack then processes that packet, triggering the bug. Once exploited, this lets the threat actor execute arbitrary code on the victim’s system, in most cases without any user interaction.
To exploit this, Microsoft said the following Windows registry key has to be configured on these two Windows versions:
Microsoft patched the bug in this month’s Patch Tuesday update and confirmed that there is no evidence it was exploited before the patch shipped. No proof-of-concept exploit has been shared publicly either.
For systems that cannot be updated, Microsoft advised disabling the HTTP Trailer Support feature, which should protect them from exploitation.
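The mitigation turns off HTTP trailer support, so it helps to know what a trailer is and which requests actually depend on it before disabling the feature. The following is an added example, not code from the article or from Microsoft: a minimal HTTP/1.1 parser that decodes a chunked request body, surfaces any trailer fields, and flags trailers that try to carry fields RFC 7230 section 4.1.2 says must not appear in a trailer (framing, routing, and payload-processing fields). The sample requests, the `example.test` host and the `X-Checksum` trailer are constructed for the demonstration; the set of disallowed field names is a representative subset of the RFC's categories, not an exhaustive list.

```python
"""
Added example (not from the article or from Microsoft): a minimal HTTP/1.1
parser that decodes a chunked request body and surfaces any trailer fields,
so a log-review or test harness can tell which requests rely on trailer
support before that support is disabled.  Sample requests are constructed.
"""
from dataclasses import dataclass, field
from typing import Dict, List

# Representative subset of the fields RFC 7230 sec. 4.1.2 forbids in a trailer
# (message framing, routing, request modifiers, authentication, payload handling).
DISALLOWED_TRAILER_FIELDS = {
    "transfer-encoding", "content-length", "host",
    "authorization", "cache-control", "expect", "max-forwards",
    "te", "trailer", "content-encoding", "content-type", "content-range",
}


@dataclass
class ParsedRequest:
    request_line: str
    headers: Dict[str, str]
    body: bytes
    trailers: Dict[str, str] = field(default_factory=dict)


def _parse_fields(block: bytes) -> Dict[str, str]:
    """Parse 'Name: value' lines; names are lower-cased for lookup."""
    fields: Dict[str, str] = {}
    for line in block.split(b"\r\n"):
        if not line:
            continue
        name, sep, value = line.partition(b":")
        if not sep:
            raise ValueError(f"malformed field line: {line!r}")
        fields[name.strip().decode("ascii").lower()] = value.strip().decode("ascii")
    return fields


def parse_request(raw: bytes) -> ParsedRequest:
    """Split a raw request into request line, headers, body and trailers."""
    head, sep, rest = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("header block not terminated")
    request_line, _, header_block = head.partition(b"\r\n")
    headers = _parse_fields(header_block)
    req = ParsedRequest(request_line.decode("ascii"), headers, b"")

    if headers.get("transfer-encoding", "").lower() != "chunked":
        # Plain body: Content-Length bytes, no trailer section is possible.
        length = int(headers.get("content-length", "0"))
        req.body = rest[:length]
        return req

    body = bytearray()
    pos = 0
    while True:
        line_end = rest.index(b"\r\n", pos)
        size_token = rest[pos:line_end].split(b";", 1)[0]   # drop chunk extensions
        size = int(size_token, 16)
        pos = line_end + 2
        if size == 0:
            break                      # last-chunk; the trailer section follows
        body += rest[pos:pos + size]
        pos += size + 2                # chunk data plus its trailing CRLF
    req.body = bytes(body)

    tail = rest[pos:]
    if not tail.startswith(b"\r\n"):   # an empty trailer section is just CRLF
        trailer_block = tail.split(b"\r\n\r\n", 1)[0]
        req.trailers = _parse_fields(trailer_block)
    return req


def audit_trailers(raw: bytes) -> List[str]:
    """Report which trailer fields a request carries and whether any of them
    are fields that are not permitted in a trailer."""
    req = parse_request(raw)
    findings: List[str] = []
    if req.trailers:
        findings.append("uses trailer fields: " + ", ".join(sorted(req.trailers)))
    for name in req.trailers:
        if name in DISALLOWED_TRAILER_FIELDS:
            findings.append(f"disallowed trailer field: {name}")
    return findings


# Constructed sample requests (not captured traffic).
PLAIN = (b"POST /upload HTTP/1.1\r\nHost: example.test\r\n"
         b"Content-Length: 5\r\n\r\nhello")
CHUNKED_NO_TRAILER = (b"POST /upload HTTP/1.1\r\nHost: example.test\r\n"
                      b"Transfer-Encoding: chunked\r\n\r\n"
                      b"5\r\nhello\r\n0\r\n\r\n")
CHUNKED_WITH_TRAILER = (b"POST /upload HTTP/1.1\r\nHost: example.test\r\n"
                        b"Transfer-Encoding: chunked\r\nTrailer: X-Checksum\r\n\r\n"
                        b"5\r\nhello\r\n6\r\n world\r\n0\r\n"
                        b"X-Checksum: abc123\r\nContent-Length: 11\r\n\r\n")

if __name__ == "__main__":
    for sample in (PLAIN, CHUNKED_NO_TRAILER, CHUNKED_WITH_TRAILER):
        req = parse_request(sample)
        print(req.request_line, req.body, audit_trailers(sample))
```

Run over a corpus of recorded requests, `audit_trailers` separates the common cases (no body, or a chunked body with an empty trailer section) from the few requests that genuinely use trailers, which is what tells you whether disabling trailer support as an interim mitigation will break anything you rely on.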