Exploit released for wormable Windows HTTP vulnerability

Proof-of-concept exploit code was released over the weekend for a critical wormable vulnerability in the latest Windows 10 and Windows Server versions.
The bug, tracked as CVE-2021-31166, was found in the HTTP Protocol Stack used by the Windows Internet Information Services web server as a protocol listener for processing HTTP requests.
Microsoft patched the vulnerability during this month's Patch Tuesday, and it impacts ONLY Windows 10 versions 2004/20H2 and Windows Server versions 2004/20H2.
While the PoC's release could allow threat actors to develop their own exploits faster, potentially allowing remote code execution, patching should also be fast and the impact limited, given that most home users with the latest Windows 10 versions should have already updated earlier this week.
Microsoft has patched other wormable bugs in the last two years, impacting the Remote Desktop Services platform, the Server Message Block v3 protocol, and the Windows DNS Server.
Attackers have yet to abuse them to create wormable malware capable of spreading between computers running these vulnerable Windows components.
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-05-11 | CVE-2021-31166 | Use After Free vulnerability in Microsoft products HTTP Protocol Stack Remote Code Execution Vulnerability | 0.0 |