A proof-of-concept (PoC) script has been released that exploits a critical vulnerability in the latest Windows 10 and Windows Server editions. The vulnerability, tracked as CVE-2021-31166, was found in the HTTP Protocol Stack (HTTP.sys), which is used by the Windows Internet Information Services (IIS) web server. The Windows HTTP vulnerability has wormable properties, meaning it is self-propagating: unlike a virus, it can autonomously infect other systems. Microsoft disclosed that the vulnerability impacts the following versions:
- Windows 10 versions 2004/20H2
- Windows Server versions 2004/20H2
The impact:
Demo exploit code was released by a security researcher named Axel Souchet. This PoC lacks the wormable properties, but it does abuse the vulnerability to trigger a denial of service, leading to a “Blue Screen of Death” on vulnerable systems.
Link to PoC.
The vulnerability allows an unauthenticated attacker to execute arbitrary commands remotely.
The remediation:
Microsoft has patched the vulnerability and recommends prioritising patching of affected servers. More information on the vulnerability can be found in Microsoft’s advisory.
Source: Bleeping Computer