CVE-2021-31166 - Security Update Guide - Microsoft - HTTP Protocol Stack Remote...
source link: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31166
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
-
- Customer Guidance
-
-
HTTP Protocol Stack Remote Code Execution Vulnerability
CVE-2021-31166Released: May 11, 2021
Please see Common Vulnerability Scoring System for more information on the definition of these metrics.
Exploitability
How could an attacker exploit this vulnerability?
In most situations, an unauthenticated attacker could send a specially crafted packet to a targeted server utilizing the HTTP Protocol Stack (http.sys) to process packets.
Is this wormable?
Yes. Microsoft recommends prioritizing the patching of affected servers.
Acknowledgements
- Microsoft Platform Security & Vulnerability Research
Security Updates
Disclaimer
Revisions
Information published.
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK