CVE-2022-21907

Меры по смягчению последствий

Windows Server 2019 and Windows 10 version 1809 are not vulnerable by default. Unless you have enabled the HTTP Trailer Support via EnableTrailerSupport registry value, the systems are not vulnerable.

Delete the DWORD registry value "EnableTrailerSupport" if present under:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters

This mitigation only applies to Windows Server 2019 and Windows 10, version 1809 and does not apply to Windows 10, version 20H2 and newer.

FAQ

How could an attacker exploit this vulnerability?

In most situations, an unauthenticated attacker could send a specially crafted packet to a targeted server utilizing the HTTP Protocol Stack (http.sys) to process packets.

Is this wormable?

Yes. Microsoft recommends prioritizing the patching of affected servers.

Windows 10, Version 1909 is not in the Security Updates table. Is it affected by this vulnerability?

No, the vulnerable code does not exist in Windows 10, version 1909. It is not affected by this vulnerability.

Is the EnableTrailerSupport registry key present in any other platform than Windows Server 2019 and Windows 10, version 1809?

No, the registry key is only present in Windows Server 2019 and Windows 10, version 1809.