MS.Windows.HTTP.sys.UlpParseAcceptEncoding.Use.After.Free
Description
This indicates an attack attempt to exploit a Use After Free Vulnerability in Microsoft Windows HTTP.sys.
The vulnerability is due to insufficient handling of certain HTTP requests handled by Microsoft Windows HTTP.sys. A remote, authenticated attacker can exploit this vulnerability by sending a crafted HTTP request to the target server. Successful exploitation could result in the execution of arbitrary code.
Affected Products
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows Server, version 2004 (Server Core installation)
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows Server, version 20H2 (Server Core Installation)
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-31166
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |