A remote code execution vulnerability could enable a malicious cyber actor to compromise vulnerable Microsoft Windows hosts. The ACSC strongly recommends applying available patches.
A high severity vulnerability has been discovered within the HTTP.SYS HTTP Protocol Stack within select versions of Microsoft Windows. Successful exploitation of this vulnerability could enable a malicious cyber actor to take full control of the vulnerable system. Additional details on the vulnerability and affected Microsoft Windows versions are available from the Microsoft security advisory.
At this time the ACSC has not identified any active exploitation of these vulnerabilities. However, due to widespread use of Microsoft Windows within Australia, there would likely be a significant impact to Australian systems and networks if exploitation is successful.
The ACSC strongly recommends that Australian organisations:
- Review their systems and networks for the presence of the affected Microsoft Windows desktop and server versions;
- Apply the appropriate patch as identified by the Microsoft security advisory.
The ACSC is monitoring the situation and is able to provide assistance and advice as required. The ACSC will update this alert as the situation changes if required. Organisations that have been impacted or require assistance can contact the ACSC via 1300 CYBER1.