Microsoft Patched a Critical HTTP Bug in Windows 11

At this month’s Tuesday patch, Microsoft has patched a critical bug affecting two latest Windows versions – Windows 11 and Windows Server 2022.

The bug is said to be wormable and was found in the HTTP Protocol Stack, a protocol listener for processing HTTP requests. The company said a hacker can craft a malicious packet and send it to the vulnerable system to trigger it, and lets them execute arbitrary code if exploited successfully.

Bug in Latest Windows Versions

Software containing bugs is now a general thing. While it becomes a routine, how soon the maker of it is responding with a patch should be noted. And Microsoft is fairly good at it. The latest one that company has patched is CVE-2022-21907, a wormable bug found in Windows 11 and Windows Server 2022.

Also Read- Microsoft Brings New Notepad App to Windows 11 Beta Channel

The concerned bug was found in the HTTP Protocol Stack (HTTP.sys), which is a protocol listener and used by the Windows Internet Information Services for web servers processing HTTP requests. Microsoft said that a threat actor can exploit this bug by sending a maliciously crafted packet to the targeted Windows servers.

Which will then be used in the vulnerable HTTP Protocol Stack for processing packets, thereby triggering the bug. Once exploited, this can let the threat actors execute arbitrary code in the victims’ systems, without any user interaction in most cases.

To exploit this, Microsoft said the following Windows registry key has to be configured on these two Windows versions;

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters\ 

"EnableTrailerSupport"=dword:00000001

Well, Microsoft has patched this bug in this month’s Tuesday update and confirmed that there’s no evidence of active exploitation of the bug before it was patched. Also, there is no proof of concept exploits shared on the web for this.

If not updated, Microsoft advised the users to disable the HTTP Trailer Support feature, which should protect the systems from any exploitation.

LEAVE A REPLY

Please enter your comment!
Please enter your name here