HTTP Vulnerability in Windows 10
Remote code execution is a class of attack in which an attacker exploits a known vulnerability in software to execute arbitrary code and run malicious tasks on the victim’s computer. Vendors usually remedy such flaws by pushing software patches, and it is the users’ duty to apply them whenever they are made available.
Microsoft released one such patch in this month’s Windows 10 cumulative update, which fixes the HTTP vulnerability (tracked as CVE-2021-31166) affecting Windows 10 2004/20H2 and Windows Server versions 2004/20H2. Researchers said this vulnerability could allow an attacker to achieve remote code execution if exploited. The issue lies in the HTTP Protocol Stack (HTTP.sys) used by the Windows Internet Information Services (IIS) web server, which acts as a protocol listener and processes HTTP requests.
After Microsoft released a patch for this, Axel Souchet, a security researcher, released demo proof-of-concept code for this vulnerability that cannot spread automatically among connected systems.
— Axel Souchet (@0vercl0k) May 16, 2021
While the threat itself is limited to one computer, it can crash the system into a Blue Screen of Death (BSOD) if exploited. He explained that as,
Because the flaw is critical and can be exploited with the demo PoC code in the wild, Microsoft strongly recommends that users update their Windows 10 systems to the latest version being pushed to safeguard themselves.