Outbreak Alert

Microsoft WinHTTP Protocol Stack RCE Vulnerability

Released: Jan 13, 2022

Download PDF »

WinHTTP Protocol Stack RCE

High Severity

Microsoft Windows Platform

Microsoft Vendor

Vulnerability Type

A remote code execution vulnerability in Windows’ Internet Information Services (IIS) component.

Microsoft's January 2022 Patch Tuesday contains updates on 97 security vulnerabilities, one of which is CVE-2022-21907 rated with 9.8 and can lead to a remote code execution. Learn More »

Common Vulnerabilities and Exposures

CVE-2022-21907

Background

As reported by Microsoft - during the January 2022 security update cycle - a patch was released for vulnerabilities CVE-2022-21907. That is a critical bug on HTTP Protocol Stack that can lead to a remote code execution without any user interaction or privelege required.

Threat Radar Overall Score:

	CVSS Rating	9.0
	FortiRecon Score	92/100
	Known Exploited	No
	Exploit Prediction Score	84.04%
	FortiGuard Telemetry	38

Latest Development

Recent news and incidents related to cybersecurity threats encompassing various events such as data breaches, cyber-attacks, security incidents, and vulnerabilities discovered.

On January 11, the Microsoft security update was published at:
https://msrc.microsoft.com/update-guide/releaseNote/2022-Jan

And, a cybersecurity news site ThreatPost published a follow-up article at:
https://threatpost.com/microsoft-wormable-critical-rce-bug-zero-day/177564

On January 12, FortiGuard Labs published a threat signal report:
https://www.fortiguard.com/threat-signal-report/4372

FortiGuard Labs is actively monitoring for detections in the wild. Refer the table below for the latest Security Fabric protections available

FortiGuard Cybersecurity Framework

Mitigate security threats and vulnerabilities by leveraging the range of FortiGuard Services.

PROTECT

Vulnerability
IPS
Web App Security
Application Firewall

DETECT

Outbreak Detection
Threat Hunting

RESPOND

Assisted Response Services
Automated Response

RECOVER

InfoSec Services

IDENTIFY

Attack Surface Monitoring (Inside & Outside)

Threat Intelligence

Information gathered from analyzing ongoing cybersecurity events including threat actors, their tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), malware and related vulnerabilities.

Loading ...

References

Sources of information in support and relation to this Outbreak and vendor.

Microsoft

Learn More »

Threat Post

Learn More »

Threat Singal

Learn More »

NIST

Learn More »

Fortinet Blog

Learn More »

Update

Learn More »

About FortiGuard Outbreak Alerts

Learn More »

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

Outbreak Alert

Microsoft WinHTTP Protocol Stack RCE Vulnerability

A remote code execution vulnerability in Windows’ Internet Information Services (IIS) component.

Common Vulnerabilities and Exposures

Background

Threat Radar Overall Score: 2.8

Latest Development

FortiGuard Cybersecurity Framework

Threat Intelligence

Indicators of compromise IOC Threat Activity

References

Microsoft

Threat Post

Threat Singal

NIST

Fortinet Blog

Update

About FortiGuard Outbreak Alerts

Threat Intelligence
Center

Threat Radar Overall Score:

Indicators of compromise
IOC Threat Activity