CISA description
Microsoft HTTP Protocol Stack contains a vulnerability in http.sys that allows for remote code execution.
CVE-2021-31166
Microsoft · HTTP Protocol Stack
Microsoft HTTP Protocol Stack Remote Code Execution Vulnerability
Required action
Apply updates per vendor instructions.
Notes & references
Where this lands in 800-53
Vulnerability data triggers these controls during assessment and continuous monitoring.