Windows CVE-2022-21907漏洞复现

• 测试环境：虚拟机Windows 10
• Windows版本：cn_windows_10_consumer_editions_version_2004_updated_sep_2020_x64_dvd_049d70ee.iso
  此次CVE的漏洞是由于HTTP.sys的缓冲区溢出从而导致的拒绝服务，蓝屏重启。

微软官方在第一时间修复此漏洞，据微软官方公布的此次漏洞影响范围：

Windows Server 2019 (Server Core installation)

Windows Server 2019

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 11 for ARM64-based Systems

Windows 11 for x64-based Systems

Windows Server, version 20H2 (Server Core Installation)

Windows 10 Version 20H2 for ARM64-based Systems

Windows 10 Version 20H2 for 32-bit Systems

Windows 10 Version 20H2 for x64-based Systems

Windows Server 2022 (Server Core installation)

Windows Server 2022

Windows 10 Version 21H1 for 32-bit Systems

Windows 10 Version 21H1 for ARM64-based Systems

Windows 10 Version 21H1 for x64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

修补措施：

默认情况下，Windows Server 2019 和 Windows 10 版本 1809不易受到攻击。除非您已通过EnableTrailerSupport注册表值启用 HTTP Trailer Support，否则系统不会受到攻击。

删除 DWORD 注册表值“EnableTrailerSupport”（如果存在于以下位置）：

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters

此缓解仅适用于 Windows Server 2019 和 Windows 10 版本 1809，不适用于 Windows 20H2 和更高版本。
漏洞复现验证视频

CVE-2022-21907Windows HTTP拒绝服务漏洞复现