Wormable Windows 11 vulnerability could let malware spread like wildfire

Microsoft addresses flaw in its January Patch Tuesday release


Microsoft says it has found and patched a critical wormable flaw affecting Windows 11 and Windows Server 2022.

The flaw was found in the HTTP Protocol Stack, which is used for processing HTTP requests by the Windows Internet Information Services web server.

So far, the flaw has not been found abused in the wild through malware, nor have there been any proofs of concept. However, Microsoft still urges everyone not to postpone the security patches, as the flaw is still quite potent. It allows unauthenticated attackers to execute arbitrary code remotely, without much user interaction.

Danger to home users

To exploit it, a malicious actor would need to craft and send a specially designed packet to the Windows server that uses the vulnerable HTTP Protocol Stack. The lucky break is that Windows Server 2019 and Windows 10 v. 1809 don’t have the flawed HTTP Trailer Support feature turned on by default.

Explaining the flaw and how it works, Microsoft says this registry key needs to be configured on vulnerable operating systems for the flaw to work:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters\

"EnableTrailerSupport"=dword:00000001

To protect vulnerable devices, disabling the HTTP Trailer Support feature will suffice.
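
An added example (not from the article or from Microsoft) of auditing the registry value quoted above with PowerShell. The function name and state labels are hypothetical, a missing value is assumed to mean the OS default applies, and `-Disable` removes the value, which needs an elevated session.

```powershell
# Added example: audit (and optionally clear) the HTTP trailer support registry value.
# Get-HttpTrailerSupportState is a hypothetical name, not a built-in cmdlet.
function Get-HttpTrailerSupportState {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [switch]$Disable   # remove the value so the HTTP stack uses its default
    )

    $key  = 'HKLM:\SYSTEM\CurrentControlSet\Services\HTTP\Parameters'
    $name = 'EnableTrailerSupport'

    # The value is often absent; SilentlyContinue turns that into $null.
    $prop  = Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue
    $value = if ($null -ne $prop) { $prop.$name } else { $null }

    # Only touch the registry when asked to and when there is something to remove.
    if ($Disable -and $null -ne $value -and
        $PSCmdlet.ShouldProcess("$key\$name", 'Remove registry value')) {
        Remove-ItemProperty -Path $key -Name $name -ErrorAction Stop
        $value = $null
    }

    # Assumption: absent means "not configured"; 1 is the enabling value from the article.
    $state = if ($null -eq $value) { 'NotConfigured' }
             elseif ($value -eq 1) { 'EnabledByRegistry' }
             else                  { 'DisabledByRegistry' }

    [pscustomobject]@{
        Computer = $env:COMPUTERNAME
        OSBuild  = [Environment]::OSVersion.Version.ToString()
        Value    = $value
        State    = $state
    }
}

# Report only; add -Disable (or -Disable -WhatIf to preview) to clear the value.
Get-HttpTrailerSupportState
```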

Microsoft noted that most companies are probably secure, as they rarely rush to install the latest Windows versions on their endpoints.

Home users, on the other hand, should be careful and make sure to apply the patch as soon as possible. Having a VPN, as well as an up-to-date antivirus solution, is advised.

The vulnerability is tracked as CVE-2022-21907. Microsoft patched it during this month’s Patch Tuesday, which altogether addressed a total of six zero-days, and almost 100 different flaws.

Of those, Microsoft fixed 41 vulnerabilities related to privilege escalation, nine security feature bypass vulnerabilities, 29 remote code execution vulnerabilities, six information disclosure vulnerabilities, and nine denial of service vulnerabilities. The company also fixed three flaws related to spoofing.

Via BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
