A high severity vulnerability has been discovered within the HTTP.SYS HTTP Protocol Stack within select versions of Microsoft Windows. Successful exploitation of this vulnerability could enable a malicious cyber actor to take full control of the vulnerable system. Additional details on the vulnerability and affected Microsoft Windows versions are available from the Microsoft security advisory.
At this time the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has not identified any active exploitation of these vulnerabilities. However, due to widespread use of Microsoft Windows within Australia, there would likely be a significant impact to Australian systems and networks if exploitation is successful.
Mitigation
The ASD's ACSC strongly recommends that Australian organisations:
- Review their systems and networks for the presence of the affected Microsoft Windows desktop and server versions;
- Apply the appropriate patch as identified by the Microsoft security advisory.
Assistance
The ASD's ACSC is monitoring the situation and is able to provide assistance and advice as required. The ASD's ACSC will update this alert as the situation changes if required. Organisations that have been impacted or require assistance can contact the ACSC via 1300 CYBER1.