Windows HTTP Protocol Stack RCE Vulnerability (CVE-2022-21907) (opens in new tab)

Dutch CERT has a advisory about it: https://www.ncsc.nl/actueel/advisory?id=NCSC-2022-0014 (in Dutch) with all relevant CVE codes, but the RCE in http.sys is rated the highest, that is CVE-2022-21907.

Update NOW, patch is out. CVSS:3.1 9.8/8.5