Skip to main content
Zero Days & Vulns

Microsoft Windows https.sys vulnerability

By 18 mai 2021juillet 10th, 2021No Comments

A proof of concept has been released for a wormable memory corruption vulnerability in an HTTP protocol stack (http.sys) used by Windows IIS. 

No exploits have been observed in the wild yet.

  • CVE-2021-31166: Unauthenticated threat actors can exploit this CVE to remotely execute arbitrary code and trigger DoS attacks by sending malicious packets through vulnerable HTTP. 
  • Impacted versions: Windows 10 versions 2004/20H2 and Windows Server versions 2004/20H2.
  • Microsoft issued a security advisory and recommends all customers to patch their systems 

For more information, refer to Microsoft  for solutions to mitigate and defend your systems.

Sources : Cert-fr, Microsoft, Recorded Future, Bleeping Computer, GitHub