This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(310.4, 64%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
Hi,
Good day!
Microsoft has released fix for CVE-2022-21907 (HTTP Protocol Stack Remote Code Execution Vulnerability) in their January 2022 Security Update. Our systems are currently using Windows 10 version 1607.
Is CVE-2022-21907 affects Windows 10 versions 1607 or not? If it affects, is applying KB5009546 may fix this vulnerability?
Thanks in advance for your answers.
Best regards,
SecPatchCreator
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(89.60000000000001, 81%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERA%3C/text%3E%3C/svg%3E)
Take a note that support for 1607 already ended and it means you won't receive any new update for this build. In case this vulnerability is not affected, this build might be affected by other vulnerabilities, therefore it is recommended to upgrade to the latest or supported build. Since this build is not supported Microsoft won't test it and it might or might not be affected.
For more information about CVE-2022-21907 take a look at:
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-21907
Hi Reza-Ameri,
Good day!
Thank you very much for providing answers to my inquiry.
Best regards,
SecPatchCreator
Welcome glad it was helpful.