Overview On January 12, NSFOCUS CERT detected that Microsoft released a monthly security update, which fixed an HTTP protocol stack remote code execution vulnerability (CVE-2022-21907). A buffer overflow can occur due to a boundary error in the HTTP Trailer Support feature in the HTTP stack (HTTP.sys). An unauthenticated attacker can...
