New Zero-Touch Remote Code Execution Bug in Windows Patched

Microsoft patched an HTTP protocol stack bug this month which is rated critical (9.8/10). More about this in a minute.

The number of patches is unusually high for January. It includes patches for 98 Windows bugs, 2 open source component bugs and 24 Chromium (Edge) bugs. These impact Edge, Exchange, Office, Sharepoint, .Net, Dynamics, Hyper-V, Defender, RDP and others. Wheh! 9 are rated critical and 89 are rated important.

Back to the top item. This bug is a zero-touch bug, meaning that it can be triggered without any user interaction and it also does not require any privilege escalation to work. All a hacker needs to do is send a malicious packet to the system.

Part of the reason that this bug got such a high rating is that it is WORMABLE, meaning that it can move from system to system after it infects the first system.

While this bug is more server-centric, workstations could also be running the http.sys daemon and many are. The bug affects Windows 10,11 and server.

Separately, Microsoft also patched a remote code execution bug in Office.

While January has historically been a boring patch month, this year is different. You should probably patch before the hackers find you.

Credit: The Register and Helpnet Security