fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Wormable Windows HTTP Vulnerability Also Affects WinRM Servers

Wormable Windows HTTP Vulnerability Also Affects WinRM Servers

A wormable vulnerability in the HTTP Protocol Stack of the Windows IIS server can also be used to attack unpatched Windows 10 and Server systems publicly exposing the WinRM (Windows Remote Management) service.

Microsoft already patched the critical bug tracked as CVE-2021-31166 during the May Patch Tuesday.

Luckily, although it can be abused by threat in remote code execution (RCE) attacks, the vulnerability ONLY impacts versions 2004 and 20H2 of Windows 10 and Windows Server.

Microsoft recommended prioritizing patching all affected servers because the vulnerability could allow unauthenticated attackers to execute arbitrary code remotely “in most situations” on vulnerable computers.

Adding to this, over the weekend, security researcher Axel Souchet has published proof-of-concept exploit code that can be used to crash unpatched systems using maliciously crafted packets by triggering blue screens of death.

WinRM enabled by default on enterprise endpoints

The bug was found in the HTTP Protocol Stack (HTTP.sys) used as a protocol listener by the Windows IIS web server for processing HTTP requests.

However, as discovered by security researcher Jim DeVries, it also impacts Windows 10 and Server devices running the WinRM service (short for Windows Remote Management), a component of the Windows Hardware Management feature set which also makes use of the vulnerable HTTP.sys.

Also Read: Got Hacked? Here Are 5 Ways to Handle Data Breaches

While home users have to enable the WinRM service manually on their Windows 10 systems, enterprise Windows Server endpoints have WinRM toggled on by default which makes them vulnerable to attacks if they’re running versions 2004 or 20H2.

“[CVE-2021-31166] is commonly used in corporate environments. It’s enabled by default on servers,” DeVries told BleepingComputer.

“I don’t think this is a big risk for home PCs but, should someone marry this to a worm and ransomware, it could run wild in corporate environments.”

Over 2 million Internet-exposed WinRM servers

DeVries’ findings have also been confirmed by CERT/CC vulnerability analyst Will Dormann who successfully crashed a Windows system exposing the WinRM service using Souchet’s DoS exploit.

Dormann also discovered that over 2 million Windows systems reachable over the Internet are exposing the vulnerable WinRM service.

Luckily, only a subset of all these Internet-exposed Windows systems is vulnerable seeing that the vulnerability only impacts Windows 10 and Windows Server, versions 2004 and 20H2.

Windows systems exposing WinRM online
Windows systems exposing WinRM online (Will Dormann)

The exploit’s release could likely enable adversaries to create their own exploits faster, potentially also allowing remote code execution.

Also Read: Compliance Course Singapore: Spotlight on the 3 Offerings

However, the impact should also be limited and the patching process quite quick since most home users using affected Windows 10 versions have probably updated their systems last week.

Similarly, many companies should likely be safe from attacks targeting the bug since they don’t usually deploy the latest Windows Server versions as soon as they are released.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us