{"id":121903,"date":"2021-05-12T08:48:13","date_gmt":"2021-05-12T15:48:13","guid":{"rendered":"\/blogs\/?p=121903"},"modified":"2025-06-02T19:27:17","modified_gmt":"2025-06-03T02:27:17","slug":"major-http-vulnerability-in-windows-could-lead-to-wormable-exploit","status":"publish","type":"post","link":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/major-http-vulnerability-in-windows-could-lead-to-wormable-exploit\/","title":{"rendered":"Major HTTP Vulnerability in Windows Could Lead to Wormable Exploit"},"content":{"rendered":"

Today, Microsoft released a highly critical vulnerability (CVE-2021-31166<\/a>) in its web server http.sys<\/a>. This product is a Windows-only HTTP server which can be run standalone or in conjunction with IIS (Internet Information Services) and is used to broker internet traffic via HTTP network requests. The vulnerability is very similar to CVE-2015-1635<\/a>, another Microsoft vulnerability in the HTTP network stack reported in 2015.<\/p>\n

With a CVSS score of 9.8, the vulnerability announced has the potential to be both directly impactful and is also exceptionally simple to exploit, leading to a remote and unauthenticated denial-of-service (Blue Screen of Death) for affected products.<\/p>\n

The issue is due to Windows improperly tracking pointers while processing objects in network packets containing HTTP requests. As HTTP.SYS is implemented as a kernel driver, exploitation of this bug will result in at least a Blue Screen of Death (BSoD), and in the worst-case scenario, remote code execution, which could be wormable. While this vulnerability is exceptional in terms of potential impact and ease of exploitation, it remains to be seen whether effective code execution will be achieved. Furthermore, this vulnerability only affects the latest versions of Windows 10 and Windows Server (2004 and 20H2), meaning that the exposure for internet-facing enterprise servers is fairly limited, as many of these systems run Long Term Servicing Channel (LTSC) versions, such as Windows Server 2016 and 2019, which are not susceptible to this flaw.<\/p>\n

At the time of this writing, we are unaware of any \u201cin-the-wild\u201d exploitation for CVE-2021-31166 but will continue to monitor the threat landscape and provide relevant updates. We urge Windows users to apply the patch immediately wherever possible, giving special attention to externally facing devices that could be compromised from the internet. For those who are unable to apply Microsoft\u2019s update, we are providing a \u201cvirtual patch\u201d in the form of a network IPS signature that can be used to detect and prevent exploitation attempts for this vulnerability.<\/p>\n

McAfee Network Security Platform (NSP) Protection
\nSigset Version: 10.8.21.2
\nAttack ID: 0x4528f000
\nAttack Name: HTTP: Microsoft HTTP Protocol Stack Remote Code Execution Vulnerability (CVE-2021-31166)<\/p>\n

McAfee Knowledge Base Article KB94510:<\/h2>\n

https:\/\/kc.mcafee.com\/corporate\/index?page=content&id=KB94510<\/a><\/p>\n

 <\/p>\n

 <\/p>\n","protected":false},"excerpt":{"rendered":"

Today, Microsoft released a highly critical vulnerability (CVE-2021-31166) in its web server http.sys. This product is a Windows-only HTTP server…<\/p>\n","protected":false},"author":1004,"featured_media":121867,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[442],"tags":[8731],"coauthors":[5354],"class_list":["post-121903","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-mcafee-labs","tag-guardians"],"acf":[],"yoast_head":"\nMajor HTTP Vulnerability in Windows Could Lead to Wormable Exploit | McAfee Blog<\/title>\n<meta name=\"description\" content=\"Today, Microsoft released a highly critical vulnerability (CVE-2021-31166) in its web server http.sys. This product is a Windows-only HTTP server which\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Major HTTP Vulnerability in Windows Could Lead to Wormable Exploit | McAfee Blog\" \/>\n<meta property=\"og:description\" content=\"Today, Microsoft released a highly critical vulnerability (CVE-2021-31166) in its web server http.sys. This product is a Windows-only HTTP server which\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/major-http-vulnerability-in-windows-could-lead-to-wormable-exploit\/\" \/>\n<meta property=\"og:site_name\" content=\"McAfee Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/McAfee\/\" \/>\n<meta property=\"article:published_time\" content=\"2021-05-12T15:48:13+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-06-03T02:27:17+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/05\/AdobeStock_315095274_614x300-1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"614\" \/>\n\t<meta property=\"og:image:height\" content=\"300\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Steve Povolny\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@spovolny\" \/>\n<meta name=\"twitter:site\" content=\"@McAfee\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Steve Povolny\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/major-http-vulnerability-in-windows-could-lead-to-wormable-exploit\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/major-http-vulnerability-in-windows-could-lead-to-wormable-exploit\/\"},\"author\":{\"name\":\"Steve Povolny\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/210ec6c1c7e372f17c4b1109f06b8267\"},\"headline\":\"Major HTTP Vulnerability in Windows Could Lead to Wormable Exploit\",\"datePublished\":\"2021-05-12T15:48:13+00:00\",\"dateModified\":\"2025-06-03T02:27:17+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/major-http-vulnerability-in-windows-could-lead-to-wormable-exploit\/\"},\"wordCount\":374,\"publisher\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/major-http-vulnerability-in-windows-could-lead-to-wormable-exploit\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/05\/AdobeStock_315095274_614x300-1.jpg\",\"keywords\":[\"Guardians\"],\"articleSection\":[\"McAfee Labs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/major-http-vulnerability-in-windows-could-lead-to-wormable-exploit\/\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/major-http-vulnerability-in-windows-could-lead-to-wormable-exploit\/\",\"name\":\"Major HTTP Vulnerability in Windows Could Lead to Wormable Exploit | McAfee Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/major-http-vulnerability-in-windows-could-lead-to-wormable-exploit\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/major-http-vulnerability-in-windows-could-lead-to-wormable-exploit\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/05\/AdobeStock_315095274_614x300-1.jpg\",\"datePublished\":\"2021-05-12T15:48:13+00:00\",\"dateModified\":\"2025-06-03T02:27:17+00:00\",\"description\":\"Today, Microsoft released a highly critical vulnerability (CVE-2021-31166) in its web server http.sys. This product is a Windows-only HTTP server which\",\"breadcrumb\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/major-http-vulnerability-in-windows-could-lead-to-wormable-exploit\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/major-http-vulnerability-in-windows-could-lead-to-wormable-exploit\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/major-http-vulnerability-in-windows-could-lead-to-wormable-exploit\/#primaryimage\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/05\/AdobeStock_315095274_614x300-1.jpg\",\"contentUrl\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/05\/AdobeStock_315095274_614x300-1.jpg\",\"width\":614,\"height\":300,\"caption\":\"AI Cyber Security\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/major-http-vulnerability-in-windows-could-lead-to-wormable-exploit\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Blog\",\"item\":\"https:\/\/www.mcafee.com\/blogs\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Other Blogs\",\"item\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"McAfee Labs\",\"item\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Major HTTP Vulnerability in Windows Could Lead to Wormable Exploit\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#website\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/\",\"name\":\"McAfee Blog\",\"description\":\"Internet Security News\",\"publisher\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.mcafee.com\/blogs\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#organization\",\"name\":\"McAfee\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png\",\"contentUrl\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png\",\"width\":1286,\"height\":336,\"caption\":\"McAfee\"},\"image\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/McAfee\/\",\"https:\/\/x.com\/McAfee\",\"https:\/\/www.linkedin.com\/company\/mcafee\/\",\"https:\/\/www.youtube.com\/McAfee\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/210ec6c1c7e372f17c4b1109f06b8267\",\"name\":\"Steve Povolny\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/image\/d83e09f6a46193cbf6406c6f30ba3fde\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/04\/steve_p_mcafee-96x96.png\",\"contentUrl\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/04\/steve_p_mcafee-96x96.png\",\"caption\":\"Steve Povolny\"},\"description\":\"Steve Povolny is the Head of Advanced Threat Research for McAfee Enterprise, which delivers groundbreaking vulnerability research spanning nearly every industry. With more than a decade of experience in network security, Steve is a recognized authority on hardware and software vulnerabilities, and regularly collaborates with influencers in academia, government, law enforcement, consumers and enterprise businesses of all sizes. Steve is a sought after public speaker and media commentator who often blogs on key topics. He brings his passion for threat research and a unique vision to harness the power of collaboration between the research community and product vendors, through responsible disclosure, for the benefit of all.\",\"sameAs\":[\"https:\/\/www.linkedin.com\/in\/steve-povolny-595a776\/\",\"https:\/\/x.com\/spovolny\"],\"url\":\"https:\/\/www.mcafee.com\/blogs\/author\/steve-povolny\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Major HTTP Vulnerability in Windows Could Lead to Wormable Exploit | McAfee Blog","description":"Today, Microsoft released a highly critical vulnerability (CVE-2021-31166) in its web server http.sys. This product is a Windows-only HTTP server which","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"en_US","og_type":"article","og_title":"Major HTTP Vulnerability in Windows Could Lead to Wormable Exploit | McAfee Blog","og_description":"Today, Microsoft released a highly critical vulnerability (CVE-2021-31166) in its web server http.sys. This product is a Windows-only HTTP server which","og_url":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/major-http-vulnerability-in-windows-could-lead-to-wormable-exploit\/","og_site_name":"McAfee Blog","article_publisher":"https:\/\/www.facebook.com\/McAfee\/","article_published_time":"2021-05-12T15:48:13+00:00","article_modified_time":"2025-06-03T02:27:17+00:00","og_image":[{"width":614,"height":300,"url":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/05\/AdobeStock_315095274_614x300-1.jpg","type":"image\/jpeg"}],"author":"Steve Povolny","twitter_card":"summary_large_image","twitter_creator":"@spovolny","twitter_site":"@McAfee","twitter_misc":{"Written by":"Steve Povolny","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/major-http-vulnerability-in-windows-could-lead-to-wormable-exploit\/#article","isPartOf":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/major-http-vulnerability-in-windows-could-lead-to-wormable-exploit\/"},"author":{"name":"Steve Povolny","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/210ec6c1c7e372f17c4b1109f06b8267"},"headline":"Major HTTP Vulnerability in Windows Could Lead to Wormable Exploit","datePublished":"2021-05-12T15:48:13+00:00","dateModified":"2025-06-03T02:27:17+00:00","mainEntityOfPage":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/major-http-vulnerability-in-windows-could-lead-to-wormable-exploit\/"},"wordCount":374,"publisher":{"@id":"https:\/\/www.mcafee.com\/blogs\/#organization"},"image":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/major-http-vulnerability-in-windows-could-lead-to-wormable-exploit\/#primaryimage"},"thumbnailUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/05\/AdobeStock_315095274_614x300-1.jpg","keywords":["Guardians"],"articleSection":["McAfee Labs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/major-http-vulnerability-in-windows-could-lead-to-wormable-exploit\/","url":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/major-http-vulnerability-in-windows-could-lead-to-wormable-exploit\/","name":"Major HTTP Vulnerability in Windows Could Lead to Wormable Exploit | McAfee Blog","isPartOf":{"@id":"https:\/\/www.mcafee.com\/blogs\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/major-http-vulnerability-in-windows-could-lead-to-wormable-exploit\/#primaryimage"},"image":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/major-http-vulnerability-in-windows-could-lead-to-wormable-exploit\/#primaryimage"},"thumbnailUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/05\/AdobeStock_315095274_614x300-1.jpg","datePublished":"2021-05-12T15:48:13+00:00","dateModified":"2025-06-03T02:27:17+00:00","description":"Today, Microsoft released a highly critical vulnerability (CVE-2021-31166) in its web server http.sys. This product is a Windows-only HTTP server which","breadcrumb":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/major-http-vulnerability-in-windows-could-lead-to-wormable-exploit\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/major-http-vulnerability-in-windows-could-lead-to-wormable-exploit\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/major-http-vulnerability-in-windows-could-lead-to-wormable-exploit\/#primaryimage","url":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/05\/AdobeStock_315095274_614x300-1.jpg","contentUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/05\/AdobeStock_315095274_614x300-1.jpg","width":614,"height":300,"caption":"AI Cyber Security"},{"@type":"BreadcrumbList","@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/major-http-vulnerability-in-windows-could-lead-to-wormable-exploit\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https:\/\/www.mcafee.com\/blogs\/"},{"@type":"ListItem","position":2,"name":"Other Blogs","item":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/"},{"@type":"ListItem","position":3,"name":"McAfee Labs","item":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/"},{"@type":"ListItem","position":4,"name":"Major HTTP Vulnerability in Windows Could Lead to Wormable Exploit"}]},{"@type":"WebSite","@id":"https:\/\/www.mcafee.com\/blogs\/#website","url":"https:\/\/www.mcafee.com\/blogs\/","name":"McAfee Blog","description":"Internet Security News","publisher":{"@id":"https:\/\/www.mcafee.com\/blogs\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.mcafee.com\/blogs\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.mcafee.com\/blogs\/#organization","name":"McAfee","url":"https:\/\/www.mcafee.com\/blogs\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/","url":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png","contentUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png","width":1286,"height":336,"caption":"McAfee"},"image":{"@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/McAfee\/","https:\/\/x.com\/McAfee","https:\/\/www.linkedin.com\/company\/mcafee\/","https:\/\/www.youtube.com\/McAfee"]},{"@type":"Person","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/210ec6c1c7e372f17c4b1109f06b8267","name":"Steve Povolny","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/image\/d83e09f6a46193cbf6406c6f30ba3fde","url":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/04\/steve_p_mcafee-96x96.png","contentUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/04\/steve_p_mcafee-96x96.png","caption":"Steve Povolny"},"description":"Steve Povolny is the Head of Advanced Threat Research for McAfee Enterprise, which delivers groundbreaking vulnerability research spanning nearly every industry. With more than a decade of experience in network security, Steve is a recognized authority on hardware and software vulnerabilities, and regularly collaborates with influencers in academia, government, law enforcement, consumers and enterprise businesses of all sizes. Steve is a sought after public speaker and media commentator who often blogs on key topics. He brings his passion for threat research and a unique vision to harness the power of collaboration between the research community and product vendors, through responsible disclosure, for the benefit of all.","sameAs":["https:\/\/www.linkedin.com\/in\/steve-povolny-595a776\/","https:\/\/x.com\/spovolny"],"url":"https:\/\/www.mcafee.com\/blogs\/author\/steve-povolny\/"}]}},"_links":{"self":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts\/121903","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/users\/1004"}],"replies":[{"embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/comments?post=121903"}],"version-history":[{"count":2,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts\/121903\/revisions"}],"predecessor-version":[{"id":214930,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts\/121903\/revisions\/214930"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/media\/121867"}],"wp:attachment":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/media?parent=121903"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/categories?post=121903"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/tags?post=121903"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/coauthors?post=121903"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}