HTTP.sys – WindowsTechs.com

This Week in Security: NetUSB, HTTP.sys, and 2013’s CVE is Back

Posted on January 21, 2022 by Jonathan Bennett

Let’s imagine a worst case situation for home routers. It would have to start with a port unintentionally opened to the internet, ideally in a popular brand, like Netgear. For …read more Continue reading This Week in Security: NetUSB, HTTP.sys, and 2013’s CVE is Back→

Wormable Windows HTTP hole – what you need to know

Posted on January 12, 2022 by Paul Ducklin

One bug in the January 2022 Patch Tuesday list is getting lots of attention: “HTTP Protocol Stack Remote Code Execution Vulnerability”. Continue reading Wormable Windows HTTP hole – what you need to know→

Detecting CVE-2021-31166 – HTTP vulnerability

Posted on May 27, 2021 by Ben Reardon

By Ben Reardon, Corelight Security Researcher In this blog we aim to provide a little insight into part of the lifecycle of Corelight Lab’s response to a critical HTTP vulnerability. We’ve open-sourced many such responses over the last year (see Append… Continue reading Detecting CVE-2021-31166 – HTTP vulnerability→

Microsoft Fixes 11 Critical Flaws, Readies Patches for Spectre Variant 4

Posted on June 13, 2018 by Lucian Constantin

Microsoft has fixed 50 vulnerabilities in its products during this month’s Patch Tuesday, 11 of which are rated critical. The company has also released mitigation for the new Spectre variant announced last month, known as Spectre Variant 4 or Sp… Continue reading Microsoft Fixes 11 Critical Flaws, Readies Patches for Spectre Variant 4→