Streamline your cloud experience and maximise your cloud investment with Microsoft Azure-aligned public cloud services.
Host all of your workloads in the most appropriate location while experiencing the simplicity of one cloud from Six Degrees.
Enhance your cyber security and safeguard your organisation with our cyber security strategy and advisory, consultancy, and managed services.
Connect your business through a comprehensive connectivity portfolio delivered via our owned and operated core Next Generation Network (NGN).
Access the smarter, faster technology needed to make the most of your hybrid working future.
Streamline your hosting with comprehensive colocation services delivered from three UK data centres.
Gain clarity and control of your 5G estate, ensuring ongoing cost efficiencies are managed on your behalf through our managed service.
Gain confidence in your cloud direction and achieve accelerated time to value through our assured and optimised cloud services.
Master today’s complex threat landscape and protect your business with our intelligence-led security services.
Videos and webinars are a great way to digest the latest technology insights.
Our eBooks and whitepapers provide in-depth insights from our experts.
Our thought leaders publish regular blogs on up-to-the-minute topics.
Learn all about the latest news from Six Degrees as we continue to evolve.
We host regular in-person and virtual events for our clients.
Learn how we enable our clients to achieve more; providing superior secure solutions, powered by our passionate people.
We are proud to partner with many of the world’s leading vendors, enabling you to leverage our continual investment in difference-making technology.
Learn how CNS at Six Degrees delivers intelligence-led security services that protect organisations in today’s hostile landscape.
We are committed to operating in an environmentally and socially conscious way. Learn more about our commitments as a business.
We are proud of our secure cloud credentials. Learn why we’re one of the most highly accredited providers in the UK.
We are a friendly and passionate bunch here. Whether you want to work with us or for us, we think you’ll enjoy the Six Degrees experience.
Home » Company updates » HTTP Protocol Stack Remote Code Execution Vulnerability
On 11th January 2022 (as part of patch Tuesday) Microsoft released patches for 97 CVE-numbered vulnerabilities, including a wormable remote code execution in Windows Server (CVE-2022-21907). This means an attacker could utilise the HTTP Protocol Stack (http.sys) on a server inside your network to run malicious code without asking for permission first.
The vulnerability has been given a 9.8 CVSSv3 score; patching affected servers should be prioritised immediately (Windows 10 and 11 and Server 2019 and 2022).
The flaw has not yet been exploited, but it has been rated as ‘Exploitation More Likely’ according to Microsoft’s Exploitability Index.
We would also like to remind you that similar vulnerabilities exist in Windows 7 and 8, as well as Server 2003 and 2008. However, as these are end of life they are no longer reported by Microsoft and no further patches are developed. If you currently operate with any of these legacy operating systems, we encourage you to discuss upgrade options with your account team as soon as possible.
Microsoft have retracted their Windows Server updates due to critical bugs. We will apply the update as soon as a patch has been released.
We will continue to apply patching for Windows 10 Desktops.
Six Degrees appoints new Chief Revenue and Chief…
Fortify your organisation’s security posture by evaluating your…
More information on our Privacy and Cookies Policy can be found here: https://www.6dg.co.uk/privacy-cookies/. You can update how we contact you in the future by visiting our Communications Preference Centre here: https://www.6dg.co.uk/preference-centre/.
