Yesterday, Microsoft patched a critical flaw tagged as wormable that affects the latest desktop and server Windows versions, including Windows 11 and Windows Server 2022.
A wormable vulnerability is one whose exploit could self-propagate through a vulnerable network without user interaction.
In the January Patch Tuesday update, Microsoft patched a critical bug tracked as CVE-2022-21907. With a CVSS score of 9.8, this critical vulnerability was discovered in the Windows HTTP protocol stack. It can be exploited by sending specially crafted packets to targeted servers that use the vulnerable HTTP protocol stack to process packets.
Meanwhile, Microsoft advises users to patch this vulnerability on all impacted servers, as it could allow threat actors to remotely execute arbitrary code in low-complexity attacks and, in most cases, without user interaction.
According to Microsoft, in Windows Server 2019 and Windows 10 version 1809 the HTTP Trailer Support feature that contains the vulnerability is disabled by default.
On these two Windows versions, the vulnerable code path is only reachable if the following Windows registry value has been configured:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters\
"EnableTrailerSupport"=dword:00000001
This mitigation doesn’t apply to other affected Windows versions, Microsoft added.
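As an added example (not from the article or from Microsoft), the following PowerShell check reads the registry value described above and reports whether a host is still in the disabled-by-default state; it assumes that build number 17763 identifies Windows 10 version 1809 / Windows Server 2019, and it makes no change to the system.

```powershell
# Added audit check for the EnableTrailerSupport setting tied to CVE-2022-21907.
# Assumption (not stated in the article): build 17763 corresponds to
# Windows 10 version 1809 / Windows Server 2019, the two versions where
# HTTP Trailer Support is off by default. Read-only: nothing is modified.

$KeyPath   = 'HKLM:\SYSTEM\CurrentControlSet\Services\HTTP\Parameters'
$ValueName = 'EnableTrailerSupport'

function Get-TrailerSupportStatus {
    [CmdletBinding()]
    param()

    $build = [int](Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion').CurrentBuildNumber

    # Missing value means the feature is left at its default for this build.
    $item  = Get-ItemProperty -Path $KeyPath -Name $ValueName -ErrorAction SilentlyContinue
    $value = if ($null -ne $item) { [int]$item.$ValueName } else { $null }

    $defaultOffBuild = ($build -eq 17763)

    $status = if ($defaultOffBuild) {
        if ($value -eq 1) {
            'Exposed: trailer support explicitly enabled; apply the January 2022 update'
        } else {
            'Not exposed by default: trailer support disabled; still apply the update'
        }
    } else {
        'Registry mitigation does not apply to this build; apply the January 2022 update'
    }

    [pscustomobject]@{
        ComputerName         = $env:COMPUTERNAME
        Build                = $build
        EnableTrailerSupport = $value
        Status               = $status
    }
}

Get-TrailerSupportStatus | Format-List
```

Run it in an elevated PowerShell session on each server; the Status field is a prompt for patch prioritisation, not a substitute for installing the update.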