Critical Vulnerability In Windows Enables Computer Worm

During the May patch cycle, Microsoft fixed 55 vulnerabilities, including a critical vulnerability that enables a computer worm, the tech company warns. Organizations are therefore called upon to install the security updates made available as soon as possible.

The vulnerability, designated CVE-2021-31166 , resides in the http protocol stack of Windows 10 and Windows Server. By sending a specially prepared network packet to a vulnerable server that uses this stack (http.sys) to process packets, an attacker could execute arbitrary code with kernel rights and thus completely take over the system. No user interaction is required.

The vulnerability was rated 9.8 on a severity scale of 1 to 10. According to Microsoft, which discovered the vulnerability itself, exploitation of the vulnerability is easy. Microsoft therefore recommends organizations to prioritize server patching.

"It is only a matter of time before someone finds out how to create the specially prepared package and we will see large-scale attacks against Windows 10 and Windows Server machines," said Adam Bunn of security firm Rapid7 . The Zero Day Initiative advises organizations to place the security update for CVE-2021-31166 at the top of the list of patches to be tested and deployed.

Previous Post Next Post