{"id":4241,"date":"2022-01-12T18:38:16","date_gmt":"2022-01-12T13:08:16","guid":{"rendered":"https:\/\/xiarch.com\/blog\/?p=4241"},"modified":"2022-01-12T18:38:17","modified_gmt":"2022-01-12T13:08:17","slug":"new-sensitive-vulnerability-of-windows-http-is-vulnerable-microsoft","status":"publish","type":"post","link":"https:\/\/xiarch.com\/blog\/new-sensitive-vulnerability-of-windows-http-is-vulnerable-microsoft\/","title":{"rendered":"New Sensitive Vulnerability of Windows HTTP is Vulnerable \u2013 Microsoft"},"content":{"rendered":"\n

Microsoft has patched a sensitive bug tagged as harmful and discovers to affect the latest desktop versions, which consist of Windows 11 and Windows Server 2022. The bug, addressed as CVE-2022-21907 and patched during this month\u2019s Patch Tuesday, was founded in the HTTP Protocol Stack (HTTP.sys) utilized as a protocol listener for processing HTTP requests by the Windows Internet Information Services (IIS) webserver.<\/p><\/p>\n\n\n\n

Fortunate exploitation needs the threat actors to send maliciously designed packets to the targeted Windows server, which utilizes the vulnerable HTTP Protocol Stack for processing the packets. Microsoft suggests that users prioritize patching this bug on all the infected servers since it could permit unauthenticated attackers to remotely execute arbitrary code in low complexity attacks and \u201cin most of the cases,\u201d without needing user interaction.<\/p><\/p>\n\n\n\n

Mitigation Available for Few Windows Versions<\/strong><\/h2>\n\n\n\n

This flaw is not recently under ongoing exploitation and there are no publicly revealed proofs of concept exploits. Moreover, on some Windows versions (i.e., Windows Server 2019 and Windows 10 version 1809), the HTTP Trailer Support feature including the bug is not enabled by default.<\/p><\/p>\n\n\n\n

\"New-Sensitive-Vulnerability-of-Windows-HTTP-is-Vulnerable\u2013Microsoft-image1\"<\/figure><\/div>\n\n\n\n

according to Microsoft, the following Windows registry key has to be configured on these two Windows versions to introduce the vulnerability:<\/p><\/p>\n\n\n\n

HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Services\\HTTP\\Parameters\\<\/p><\/p>\n\n\n\n

“EnableTrailerSupport”=dword:00000001<\/p><\/p>\n\n\n\n

Disabling the HTTP Trailer Support feature will protect systems running the two versions, but this mitigation does not apply to other impacted Windows releases.<\/p><\/p>\n\n\n\n

Potential targets likely safe from attacks<\/strong><\/h2>\n\n\n\n

While home users are yet to apply today’s security updates, most companies will likely be protected from CVE-2022-21907 exploits, given that they don’t commonly run the latest released Windows versions.<\/p><\/p>\n\n\n\n

In the last two years, Microsoft has patched several other harmful bugs, impacting the Windows DNS Server (also known as SIGRed), the Remote Desktop Services (RDS) platform (also known as BlueKeep), and the Server Message Block v3 protocol (also known as SMBGhost).<\/p><\/p>\n\n\n\n

Redmond also addressed Windows HTTP RCE vulnerability in May 2021 (tracked as CVE-2021-31166 and also tagged as wormable), for which security researchers released demo exploit code that could trigger blue screens of death. However, threat actors are yet to exploit them to create wormable malware capable of spreading between vulnerable systems running vulnerable Windows software.<\/p><\/p>\n","protected":false},"excerpt":{"rendered":"

Microsoft has patched a sensitive bug tagged as harmful and discovers to affect the latest desktop versions, which consist of Windows 11 and Windows Server 2022. The bug, addressed as CVE-2022-21907 and patched during this month\u2019s Patch Tuesday, was founded in the HTTP Protocol Stack (HTTP.sys) utilized as a protocol listener for processing HTTP requests […]<\/p>\n","protected":false},"author":2,"featured_media":4243,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[6],"tags":[],"yoast_head":"\nNew Sensitive Vulnerability of Windows HTTP is Vulnerable \u2013 Microsoft - Xiarch Solutions Private Limited<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/xiarch.com\/blog\/new-sensitive-vulnerability-of-windows-http-is-vulnerable-microsoft\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"New Sensitive Vulnerability of Windows HTTP is Vulnerable \u2013 Microsoft - Xiarch Solutions Private Limited\" \/>\n<meta property=\"og:description\" content=\"Microsoft has patched a sensitive bug tagged as harmful and discovers to affect the latest desktop versions, which consist of Windows 11 and Windows Server 2022. The bug, addressed as CVE-2022-21907 and patched during this month\u2019s Patch Tuesday, was founded in the HTTP Protocol Stack (HTTP.sys) utilized as a protocol listener for processing HTTP requests […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/xiarch.com\/blog\/new-sensitive-vulnerability-of-windows-http-is-vulnerable-microsoft\/\" \/>\n<meta property=\"og:site_name\" content=\"Xiarch Solutions Private Limited\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/xiarch\/\" \/>\n<meta property=\"article:published_time\" content=\"2022-01-12T13:08:16+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-01-12T13:08:17+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2022\/01\/New-Sensitive-Vulnerability-of-Windows-HTTP-is-Vulnerable\u2013Microsoft-featured-image.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1000\" \/>\n\t<meta property=\"og:image:height\" content=\"525\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Xiarch Security\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@xiarch\" \/>\n<meta name=\"twitter:site\" content=\"@xiarch\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Xiarch Security\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/xiarch.com\/blog\/new-sensitive-vulnerability-of-windows-http-is-vulnerable-microsoft\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/xiarch.com\/blog\/new-sensitive-vulnerability-of-windows-http-is-vulnerable-microsoft\/\"},\"author\":{\"name\":\"Xiarch Security\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c\"},\"headline\":\"New Sensitive Vulnerability of Windows HTTP is Vulnerable \u2013 Microsoft\",\"datePublished\":\"2022-01-12T13:08:16+00:00\",\"dateModified\":\"2022-01-12T13:08:17+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/xiarch.com\/blog\/new-sensitive-vulnerability-of-windows-http-is-vulnerable-microsoft\/\"},\"wordCount\":376,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#organization\"},\"articleSection\":[\"Vulnerabilities\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/xiarch.com\/blog\/new-sensitive-vulnerability-of-windows-http-is-vulnerable-microsoft\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/xiarch.com\/blog\/new-sensitive-vulnerability-of-windows-http-is-vulnerable-microsoft\/\",\"url\":\"https:\/\/xiarch.com\/blog\/new-sensitive-vulnerability-of-windows-http-is-vulnerable-microsoft\/\",\"name\":\"New Sensitive Vulnerability of Windows HTTP is Vulnerable \u2013 Microsoft - Xiarch Solutions Private Limited\",\"isPartOf\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#website\"},\"datePublished\":\"2022-01-12T13:08:16+00:00\",\"dateModified\":\"2022-01-12T13:08:17+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/xiarch.com\/blog\/new-sensitive-vulnerability-of-windows-http-is-vulnerable-microsoft\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/xiarch.com\/blog\/new-sensitive-vulnerability-of-windows-http-is-vulnerable-microsoft\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/xiarch.com\/blog\/new-sensitive-vulnerability-of-windows-http-is-vulnerable-microsoft\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/xiarch.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"New Sensitive Vulnerability of Windows HTTP is Vulnerable \u2013 Microsoft\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/xiarch.com\/blog\/#website\",\"url\":\"https:\/\/xiarch.com\/blog\/\",\"name\":\"Xiarch Solutions Private Limited\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/xiarch.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/xiarch.com\/blog\/#organization\",\"name\":\"Xiarch\",\"url\":\"https:\/\/xiarch.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png\",\"contentUrl\":\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png\",\"width\":300,\"height\":300,\"caption\":\"Xiarch\"},\"image\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/xiarch\/\",\"https:\/\/twitter.com\/xiarch\",\"https:\/\/www.linkedin.com\/company\/xiarch\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c\",\"name\":\"Xiarch Security\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g\",\"caption\":\"Xiarch Security\"},\"sameAs\":[\"https:\/\/xiarch.com\/blog\/\"],\"url\":\"https:\/\/xiarch.com\/blog\/author\/vector\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"New Sensitive Vulnerability of Windows HTTP is Vulnerable \u2013 Microsoft - Xiarch Solutions Private Limited","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/xiarch.com\/blog\/new-sensitive-vulnerability-of-windows-http-is-vulnerable-microsoft\/","og_locale":"en_US","og_type":"article","og_title":"New Sensitive Vulnerability of Windows HTTP is Vulnerable \u2013 Microsoft - Xiarch Solutions Private Limited","og_description":"Microsoft has patched a sensitive bug tagged as harmful and discovers to affect the latest desktop versions, which consist of Windows 11 and Windows Server 2022. The bug, addressed as CVE-2022-21907 and patched during this month\u2019s Patch Tuesday, was founded in the HTTP Protocol Stack (HTTP.sys) utilized as a protocol listener for processing HTTP requests […]","og_url":"https:\/\/xiarch.com\/blog\/new-sensitive-vulnerability-of-windows-http-is-vulnerable-microsoft\/","og_site_name":"Xiarch Solutions Private Limited","article_publisher":"https:\/\/www.facebook.com\/xiarch\/","article_published_time":"2022-01-12T13:08:16+00:00","article_modified_time":"2022-01-12T13:08:17+00:00","og_image":[{"width":1000,"height":525,"url":"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2022\/01\/New-Sensitive-Vulnerability-of-Windows-HTTP-is-Vulnerable\u2013Microsoft-featured-image.jpg","type":"image\/jpeg"}],"author":"Xiarch Security","twitter_card":"summary_large_image","twitter_creator":"@xiarch","twitter_site":"@xiarch","twitter_misc":{"Written by":"Xiarch Security","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/xiarch.com\/blog\/new-sensitive-vulnerability-of-windows-http-is-vulnerable-microsoft\/#article","isPartOf":{"@id":"https:\/\/xiarch.com\/blog\/new-sensitive-vulnerability-of-windows-http-is-vulnerable-microsoft\/"},"author":{"name":"Xiarch Security","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c"},"headline":"New Sensitive Vulnerability of Windows HTTP is Vulnerable \u2013 Microsoft","datePublished":"2022-01-12T13:08:16+00:00","dateModified":"2022-01-12T13:08:17+00:00","mainEntityOfPage":{"@id":"https:\/\/xiarch.com\/blog\/new-sensitive-vulnerability-of-windows-http-is-vulnerable-microsoft\/"},"wordCount":376,"commentCount":0,"publisher":{"@id":"https:\/\/xiarch.com\/blog\/#organization"},"articleSection":["Vulnerabilities"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/xiarch.com\/blog\/new-sensitive-vulnerability-of-windows-http-is-vulnerable-microsoft\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/xiarch.com\/blog\/new-sensitive-vulnerability-of-windows-http-is-vulnerable-microsoft\/","url":"https:\/\/xiarch.com\/blog\/new-sensitive-vulnerability-of-windows-http-is-vulnerable-microsoft\/","name":"New Sensitive Vulnerability of Windows HTTP is Vulnerable \u2013 Microsoft - Xiarch Solutions Private Limited","isPartOf":{"@id":"https:\/\/xiarch.com\/blog\/#website"},"datePublished":"2022-01-12T13:08:16+00:00","dateModified":"2022-01-12T13:08:17+00:00","breadcrumb":{"@id":"https:\/\/xiarch.com\/blog\/new-sensitive-vulnerability-of-windows-http-is-vulnerable-microsoft\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/xiarch.com\/blog\/new-sensitive-vulnerability-of-windows-http-is-vulnerable-microsoft\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/xiarch.com\/blog\/new-sensitive-vulnerability-of-windows-http-is-vulnerable-microsoft\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/xiarch.com\/blog\/"},{"@type":"ListItem","position":2,"name":"New Sensitive Vulnerability of Windows HTTP is Vulnerable \u2013 Microsoft"}]},{"@type":"WebSite","@id":"https:\/\/xiarch.com\/blog\/#website","url":"https:\/\/xiarch.com\/blog\/","name":"Xiarch Solutions Private Limited","description":"","publisher":{"@id":"https:\/\/xiarch.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/xiarch.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/xiarch.com\/blog\/#organization","name":"Xiarch","url":"https:\/\/xiarch.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png","contentUrl":"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png","width":300,"height":300,"caption":"Xiarch"},"image":{"@id":"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/xiarch\/","https:\/\/twitter.com\/xiarch","https:\/\/www.linkedin.com\/company\/xiarch"]},{"@type":"Person","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c","name":"Xiarch Security","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g","caption":"Xiarch Security"},"sameAs":["https:\/\/xiarch.com\/blog\/"],"url":"https:\/\/xiarch.com\/blog\/author\/vector\/"}]}},"_links":{"self":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts\/4241"}],"collection":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/comments?post=4241"}],"version-history":[{"count":1,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts\/4241\/revisions"}],"predecessor-version":[{"id":4245,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts\/4241\/revisions\/4245"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/media\/4243"}],"wp:attachment":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/media?parent=4241"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/categories?post=4241"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/tags?post=4241"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}