{"id":8991,"date":"2026-06-26T08:18:47","date_gmt":"2026-06-26T01:18:47","guid":{"rendered":"https:\/\/longvan.net\/cong-dong\/?p=8991"},"modified":"2026-06-26T08:20:19","modified_gmt":"2026-06-26T01:20:19","slug":"huong-dan-xu-ly-lo-hong-rce-nghiem-trong-cve-2026-47291-tren-windows-http-sys","status":"publish","type":"post","link":"https:\/\/longvan.net\/cong-dong\/huong-dan-xu-ly-lo-hong-rce-nghiem-trong-cve-2026-47291-tren-windows-http-sys\/","title":{"rendered":"H\u01b0\u1edbng d\u1eabn x\u1eed l\u00fd l\u1ed7 h\u1ed5ng RCE nghi\u00eam tr\u1ecdng (CVE-2026-47291) tr\u00ean Windows HTTP.sys"},"content":{"rendered":"<p>M\u1ed9t l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt \u0111\u1eb7c bi\u1ec7t nghi\u00eam tr\u1ecdng c\u00f3 m\u00e3 \u0111\u1ecbnh danh CVE-2026-47291 (\u0110i\u1ec3m CVSS: 9.8 &#8211; Critical) v\u1eeba \u0111\u01b0\u1ee3c c\u00f4ng b\u1ed1 li\u00ean quan \u0111\u1ebfn th\u00e0nh ph\u1ea7n giao th\u1ee9c HTTP (HTTP.sys) tr\u00ean h\u1ec7 \u0111i\u1ec1u h\u00e0nh Windows. \u0110\u00e2y l\u00e0 l\u1ed7 h\u1ed5ng cho ph\u00e9p th\u1ef1c thi m\u00e3 t\u1eeb xa (RCE) nguy hi\u1ec3m nh\u1ea5t hi\u1ec7n nay, \u0111\u00f2i h\u1ecfi qu\u1ea3n tr\u1ecb vi\u00ean h\u1ec7 th\u1ed1ng Windows Server v\u00e0 IIS ph\u1ea3i c\u00f3 bi\u1ec7n ph\u00e1p can thi\u1ec7p ngay l\u1eadp t\u1ee9c.<\/p>\n<p>D\u01b0\u1edbi \u0111\u00e2y l\u00e0 th\u00f4ng tin chi ti\u1ebft v\u00e0 h\u01b0\u1edbng d\u1eabn t\u1eeb Long V\u00e2n \u0111\u1ec3 gi\u00fap qu\u1ea3n tr\u1ecb vi\u00ean b\u1ea3o v\u1ec7 m\u00e1y ch\u1ee7 an to\u00e0n.<\/p>\n<h3>I. Th\u00f4ng tin l\u1ed7 h\u1ed5ng v\u00e0 ph\u1ea1m vi \u1ea3nh h\u01b0\u1edfng<\/h3>\n<ul>\n<li>T\u00ean l\u1ed7 h\u1ed5ng: Tr\u00e0n b\u1ed9 \u0111\u1ec7m (Buffer Overflow) tr\u00ean HTTP.sys \u2013 M\u00e3 CVE: CVE-2026-47291.<\/li>\n<li>M\u1ee9c \u0111\u1ed9: C\u1ef1c k\u1ef3 nghi\u00eam tr\u1ecdng (CVSS 9.8).<\/li>\n<li>Chi ti\u1ebft: HTTP.sys l\u00e0 tr\u00ecnh \u0111i\u1ec1u khi\u1ec3n x\u1eed l\u00fd c\u00e1c y\u00eau c\u1ea7u HTTP\/HTTPS l\u00f5i c\u1ee7a Windows. L\u1ed7 h\u1ed5ng x\u1ea3y ra do l\u1ed7i ki\u1ec3m tra b\u1ed9 \u0111\u1ec7m khi x\u1eed l\u00fd c\u00e1c g\u00f3i tin HTTP g\u1eedi \u0111\u1ebfn. K\u1ebb t\u1ea5n c\u00f4ng c\u00f3 th\u1ec3 g\u1eedi m\u1ed9t g\u00f3i tin \u0111\u1ed9c h\u1ea1i (crafted request) t\u1eeb xa \u0111\u1ec3 th\u1ef1c thi m\u00e3 \u0111\u1ed9c tr\u00ean m\u00e1y ch\u1ee7 v\u1edbi quy\u1ec1n H\u1ec7 th\u1ed1ng (System privileges). Qu\u00e1 tr\u00ecnh n\u00e0y di\u1ec5n ra ho\u00e0n to\u00e0n t\u1ef1 \u0111\u1ed9ng, kh\u00f4ng c\u1ea7n x\u00e1c th\u1ef1c t\u00e0i kho\u1ea3n (Unauthenticated) v\u00e0 kh\u00f4ng c\u1ea7n s\u1ef1 t\u01b0\u01a1ng t\u00e1c c\u1ee7a ng\u01b0\u1eddi d\u00f9ng (Zero-click).<\/li>\n<li>Ph\u1ea1m vi \u1ea3nh h\u01b0\u1edfng: M\u1ecdi h\u1ec7 \u0111i\u1ec1u h\u00e0nh Windows (bao g\u1ed3m Windows Server 2016, 2019, 2022, 2025 v\u00e0 Windows 10\/11) \u0111ang ch\u1ea1y d\u1ecbch v\u1ee5 IIS (Internet Information Services) ho\u1eb7c b\u1ea5t k\u1ef3 \u1ee9ng d\u1ee5ng n\u00e0o ph\u1ee5 thu\u1ed9c v\u00e0o driver http.sys.<\/li>\n<\/ul>\n<h3>II. C\u00e1ch ki\u1ec3m tra h\u1ec7 th\u1ed1ng c\u00f3 b\u1ecb \u1ea3nh h\u01b0\u1edfng<\/h3>\n<p>Kh\u00f4ng ph\u1ea3i m\u1ecdi m\u00e1y ch\u1ee7 Windows \u0111\u1ec1u g\u1eb7p r\u1ee7i ro, h\u1ec7 th\u1ed1ng ch\u1ec9 b\u1ecb \u0111e d\u1ecda n\u1ebfu d\u1ecbch v\u1ee5 http.sys \u0111ang \u0111\u01b0\u1ee3c k\u00edch ho\u1ea1t v\u00e0 m\u1edf port ra Internet. Qu\u1ea3n tr\u1ecb vi\u00ean c\u1ea7n ki\u1ec3m tra b\u1eb1ng c\u00e1c b\u01b0\u1edbc sau:<\/p>\n<h4><strong>\u0110i\u1ec1u ki\u1ec7n 1: Ki\u1ec3m tra d\u1ecbch v\u1ee5 HTTP c\u00f3 \u0111ang ch\u1ea1y hay kh\u00f4ng<\/strong><\/h4>\n<p>M\u1edf PowerShell (quy\u1ec1n Administrator) v\u00e0 ch\u1ea1y l\u1ec7nh sau \u0111\u1ec3 xem tr\u1ea1ng th\u00e1i c\u1ee7a c\u00e1c d\u1ecbch v\u1ee5 s\u1eed d\u1ee5ng HTTP.sys:<\/p>\n<p>PowerShell<\/p>\n<blockquote><p>netsh http show servicestate<\/p><\/blockquote>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-8992 size-full aligncenter\" src=\"https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_1-2-e1782436596901.png\" alt=\"\" width=\"636\" height=\"787\" srcset=\"https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_1-2-e1782436596901.png 636w, https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_1-2-e1782436596901-242x300.png 242w\" sizes=\"auto, (max-width: 636px) 100vw, 636px\" \/><\/p>\n<p><em>N\u1ebfu k\u1ebft qu\u1ea3 tr\u1ea3 v\u1ec1 danh s\u00e1ch c\u00e1c Session, URL Groups \u0111ang &#8220;Active&#8221;, \u0111i\u1ec1u \u0111\u00f3 c\u00f3 ngh\u0129a l\u00e0 HTTP.sys \u0111ang l\u1eafng nghe c\u00e1c y\u00eau c\u1ea7u v\u00e0 h\u1ec7 th\u1ed1ng c\u00f3 nguy c\u01a1 b\u1ecb t\u1ea5n c\u00f4ng.<\/em><\/p>\n<h4><strong>\u0110i\u1ec1u ki\u1ec7n 2: Ki\u1ec3m tra b\u1ea3n v\u00e1 c\u1ee7a h\u1ec7 \u0111i\u1ec1u h\u00e0nh<\/strong><\/h4>\n<p>S\u1eed d\u1ee5ng l\u1ec7nh PowerShell sau \u0111\u1ec3 ki\u1ec3m tra xem m\u00e1y ch\u1ee7 \u0111\u00e3 \u0111\u01b0\u1ee3c c\u00e0i \u0111\u1eb7t c\u00e1c b\u1ea3n c\u1eadp nh\u1eadt b\u1ea3o m\u1eadt m\u1edbi nh\u1ea5t t\u1eeb Microsoft ch\u01b0a:<\/p>\n<p>PowerShell<\/p>\n<blockquote><p>Get-HotFix | Sort-Object InstalledOn -Descending<\/p><\/blockquote>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-8993 size-full aligncenter\" src=\"https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_2-2.png\" alt=\"\" width=\"779\" height=\"178\" srcset=\"https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_2-2.png 779w, https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_2-2-300x69.png 300w, https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_2-2-768x175.png 768w\" sizes=\"auto, (max-width: 779px) 100vw, 779px\" \/><\/p>\n<p><em>N\u1ebfu b\u1ea1n ch\u01b0a c\u00e0i \u0111\u1eb7t b\u1ea5t k\u1ef3 b\u1ea3n v\u00e1 t\u00edch l\u0169y (Cumulative Update) n\u00e0o \u0111\u01b0\u1ee3c ph\u00e1t h\u00e0nh g\u1ea7n \u0111\u00e2y li\u00ean quan \u0111\u1ebfn l\u1ed7i n\u00e0y, h\u1ec7 th\u1ed1ng c\u1ee7a b\u1ea1n \u0111ang g\u1eb7p nguy hi\u1ec3m.<\/em><\/p>\n<h3>III. Gi\u1ea3i ph\u00e1p t\u1ea1m th\u1eddi<\/h3>\n<p>N\u1ebfu ch\u01b0a th\u1ec3 l\u00ean l\u1ecbch kh\u1edfi \u0111\u1ed9ng l\u1ea1i m\u00e1y ch\u1ee7 (downtime) \u0111\u1ec3 c\u00e0i \u0111\u1eb7t b\u1ea3n v\u00e1 h\u1ec7 \u0111i\u1ec1u h\u00e0nh, qu\u1ea3n tr\u1ecb vi\u00ean c\u00f3 th\u1ec3 \u00e1p d\u1ee5ng c\u00e1c bi\u1ec7n ph\u00e1p gi\u1ea3m thi\u1ec3u r\u1ee7i ro kh\u1ea9n c\u1ea5p sau:<\/p>\n<h4>1. V\u00f4 hi\u1ec7u h\u00f3a d\u1ecbch v\u1ee5 IIS (\u0110\u1ed1i v\u1edbi m\u00e1y ch\u1ee7 kh\u00f4ng ch\u1ea1y Web)<\/h4>\n<p>N\u1ebfu m\u00e1y ch\u1ee7 c\u1ee7a b\u1ea1n kh\u00f4ng \u0111\u00f3ng vai tr\u00f2 l\u00e0 Web Server (v\u00ed d\u1ee5: ch\u1ec9 ch\u1ea1y Database, Active Directory, v.v.), h\u00e3y t\u1eaft ho\u00e0n to\u00e0n d\u1ecbch v\u1ee5 HTTP \u0111\u1ec3 lo\u1ea1i b\u1ecf 100% kh\u1ea3 n\u0103ng b\u1ecb khai th\u00e1c:<\/p>\n<p>DOS<\/p>\n<blockquote><p>net stop http \/y<\/p><\/blockquote>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-8994 size-full aligncenter\" src=\"https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_3-2.png\" alt=\"\" width=\"640\" height=\"426\" srcset=\"https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_3-2.png 640w, https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_3-2-300x200.png 300w\" sizes=\"auto, (max-width: 640px) 100vw, 640px\" \/><\/p>\n<p><em>(L\u01b0u \u00fd: L\u1ec7nh n\u00e0y s\u1ebd l\u00e0m ng\u1eebng ho\u1ea1t \u0111\u1ed9ng c\u00e1c d\u1ecbch v\u1ee5 ph\u1ee5 thu\u1ed9c v\u00e0o http.sys nh\u01b0 IIS, WinRM, Print Spooler qua m\u1ea1ng. H\u00e3y c\u00e2n nh\u1eafc k\u1ef9 tr\u01b0\u1edbc khi ch\u1ea1y).<\/em><\/p>\n<h4>2. C\u1ea5u h\u00ecnh Registry gi\u1edbi h\u1ea1n dung l\u01b0\u1ee3ng Request (Khuy\u1ebfn ngh\u1ecb ch\u00ednh th\u1ee9c t\u1eeb Microsoft)<\/h4>\n<p>L\u1ed7 h\u1ed5ng tr\u00e0n b\u1ed9 \u0111\u1ec7m n\u00e0y khai th\u00e1c th\u00f4ng qua c\u00e1c g\u00f3i tin HTTP c\u00f3 k\u00edch th\u01b0\u1edbc l\u1edbn b\u1ea5t th\u01b0\u1eddng. Qu\u1ea3n tr\u1ecb vi\u00ean c\u00f3 th\u1ec3 gi\u1edbi h\u1ea1n k\u00edch th\u01b0\u1edbc t\u1ed1i \u0111a c\u1ee7a g\u00f3i tin b\u1eb1ng c\u00e1ch c\u1ea5u h\u00ecnh kh\u00f3a MaxRequestBytes trong Registry.<\/p>\n<p><strong>Th\u1ef1c hi\u1ec7n nhanh b\u1eb1ng l\u1ec7nh PowerShell (Run as Administrator):<\/strong><\/p>\n<p><span class=\"hljs-comment\">Th\u00eam ho\u1eb7c c\u1eadp nh\u1eadt kh\u00f3a MaxRequestBytes v\u1edbi gi\u00e1 tr\u1ecb an to\u00e0n (16384)<\/span><\/p>\n<blockquote><p><span class=\"hljs-built_in\">Set-ItemProperty<\/span> <span class=\"hljs-literal\">-Path<\/span> <span class=\"hljs-string\">&#8220;HKLM:\\SYSTEM\\CurrentControlSet\\Services\\HTTP\\Parameters&#8221;<\/span> <span class=\"hljs-literal\">-Name<\/span> <span class=\"hljs-string\">&#8220;MaxRequestBytes&#8221;<\/span> <span class=\"hljs-literal\">-Value<\/span> <span class=\"hljs-number\">16384<\/span> <span class=\"hljs-literal\">-Type<\/span> DWord<\/p><\/blockquote>\n<p><span class=\"hljs-comment\">Kh\u1edfi \u0111\u1ed9ng l\u1ea1i d\u1ecbch v\u1ee5 HTTP \u0111\u1ec3 \u00e1p d\u1ee5ng<\/span><\/p>\n<blockquote><p>net stop http \/y<\/p>\n<p>net <span class=\"hljs-built_in\">start<\/span> w3svc<\/p><\/blockquote>\n<p><strong>Th\u1ef1c hi\u1ec7n th\u1ee7 c\u00f4ng b\u1eb1ng giao di\u1ec7n Registry Editor (regedit):<\/strong><\/p>\n<p data-path-to-node=\"11,0,0\"><strong>B\u01b0\u1edbc 1.<\/strong> M\u1edf Start Menu, g\u00f5 <code data-path-to-node=\"11,0,0\" data-index-in-node=\"18\">regedit<\/code> v\u00e0 m\u1edf <b data-path-to-node=\"11,0,0\" data-index-in-node=\"32\">Registry Editor<\/b>.<\/p>\n<p data-path-to-node=\"11,0,0\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-9003 size-full\" src=\"https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_11-1.png\" alt=\"\" width=\"415\" height=\"232\" srcset=\"https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_11-1.png 415w, https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_11-1-300x168.png 300w\" sizes=\"auto, (max-width: 415px) 100vw, 415px\" \/><\/p>\n<p data-path-to-node=\"11,1,0\"><strong>B\u01b0\u1edbc 2.<\/strong> \u0110i\u1ec1u h\u01b0\u1edbng theo \u0111\u01b0\u1eddng d\u1eabn sau: <code data-path-to-node=\"11,1,0\" data-index-in-node=\"31\">HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\HTTP\\Parameters<\/code><\/p>\n<p data-path-to-node=\"11,1,0\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-9004 size-full aligncenter\" src=\"https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_12-1-e1782436654899.png\" alt=\"\" width=\"686\" height=\"848\" srcset=\"https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_12-1-e1782436654899.png 686w, https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_12-1-e1782436654899-243x300.png 243w\" sizes=\"auto, (max-width: 686px) 100vw, 686px\" \/><\/p>\n<p data-path-to-node=\"11,2,0\"><strong>B\u01b0\u1edbc 3.<\/strong> T\u00ecm gi\u00e1 tr\u1ecb <code data-path-to-node=\"11,2,0\" data-index-in-node=\"12\">MaxRequestBytes<\/code> \u1edf khung b\u00ean ph\u1ea3i (N\u1ebfu ch\u01b0a c\u00f3, nh\u1ea5p chu\u1ed9t ph\u1ea3i ch\u1ecdn <b data-path-to-node=\"11,2,0\" data-index-in-node=\"80\">New<\/b> &gt; <b data-path-to-node=\"11,2,0\" data-index-in-node=\"86\">DWORD (32-bit) Value<\/b> v\u00e0 \u0111\u1eb7t t\u00ean l\u00e0 <code data-path-to-node=\"11,2,0\" data-index-in-node=\"121\">MaxRequestBytes<\/code>).<\/p>\n<p data-path-to-node=\"11,2,0\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-9005 size-full\" src=\"https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_13-1.png\" alt=\"\" width=\"545\" height=\"122\" srcset=\"https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_13-1.png 545w, https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_13-1-300x67.png 300w\" sizes=\"auto, (max-width: 545px) 100vw, 545px\" \/><\/p>\n<p data-path-to-node=\"11,3,0\"><strong>B\u01b0\u1edbc 4.<\/strong> Nh\u1ea5p \u0111\u00fap v\u00e0o <code data-path-to-node=\"11,3,0\" data-index-in-node=\"13\">MaxRequestBytes<\/code>, ch\u1ecdn <b data-path-to-node=\"11,3,0\" data-index-in-node=\"35\">Decimal<\/b> (Th\u1eadp ph\u00e2n) v\u00e0 nh\u1eadp m\u1ed9t trong hai gi\u00e1 tr\u1ecb sau:<\/p>\n<p data-path-to-node=\"11,3,1,0,0\"><b data-path-to-node=\"11,3,1,0,0\" data-index-in-node=\"0\">16384<\/b>: M\u1eb7c \u0111\u1ecbnh, an to\u00e0n nh\u1ea5t, mi\u1ec5n nhi\u1ec5m v\u1edbi l\u1ed7 h\u1ed5ng.<\/p>\n<p data-path-to-node=\"11,3,1,1,0\"><b data-path-to-node=\"11,3,1,1,0\" data-index-in-node=\"0\">65534<\/b>: N\u1ebfu \u1ee9ng d\u1ee5ng web c\u1ee7a b\u1ea1n y\u00eau c\u1ea7u nh\u1eadn request l\u1edbn h\u01a1n (v\u00ed d\u1ee5: upload file), h\u00e3y d\u00f9ng s\u1ed1 n\u00e0y \u0111\u1ec3 web ho\u1ea1t \u0111\u1ed9ng b\u00ecnh th\u01b0\u1eddng m\u00e0 v\u1eabn tr\u00e1nh \u0111\u01b0\u1ee3c l\u1ed7 h\u1ed5ng.<\/p>\n<p data-path-to-node=\"11,3,1,1,0\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-9006 size-full aligncenter\" src=\"https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_14-1.png\" alt=\"\" width=\"346\" height=\"220\" srcset=\"https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_14-1.png 346w, https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_14-1-300x191.png 300w\" sizes=\"auto, (max-width: 346px) 100vw, 346px\" \/><\/p>\n<p data-path-to-node=\"11,4,0\"><strong>B\u01b0\u1edbc 5<\/strong>. Nh\u1ea5n <b data-path-to-node=\"11,4,0\" data-index-in-node=\"5\">OK<\/b>, \u0111\u00f3ng Registry Editor v\u00e0 ti\u1ebfn h\u00e0nh kh\u1edfi \u0111\u1ed9ng l\u1ea1i m\u00e1y ch\u1ee7 (ho\u1eb7c d\u00f9ng l\u1ec7nh <code data-path-to-node=\"11,4,0\" data-index-in-node=\"81\">net stop http \/y<\/code> v\u00e0 <code data-path-to-node=\"11,4,0\" data-index-in-node=\"101\">net start http<\/code> nh\u01b0 tr\u00ean).<\/p>\n<h4>3. T\u1ea1m t\u1eaft t\u00ednh n\u0103ng Kernel-mode Caching c\u1ee7a IIS (\u0110\u1ed1i v\u1edbi Web \u0111ang Public)<\/h4>\n<p>\u0110\u1ed1i v\u1edbi c\u00e1c website \u0111ang ph\u1ee5c v\u1ee5 c\u1ed9ng \u0111\u1ed3ng (nh\u01b0 th\u01b0\u01a1ng m\u1ea1i \u0111i\u1ec7n t\u1eed, tin t\u1ee9c) kh\u00f4ng th\u1ec3 \u0111\u00f3ng port hay ch\u1eb7n IP, b\u1ea1n c\u00f3 th\u1ec3 v\u00f4 hi\u1ec7u h\u00f3a b\u1ed9 \u0111\u1ec7m nh\u00e2n (Kernel Caching) \u0111\u1ec3 ng\u0103n ch\u1eb7n c\u00e1c truy v\u1ea5n nh\u1ed3i nh\u00e9t d\u1eef li\u1ec7u g\u00e2y tr\u00e0n b\u1ed9 \u0111\u1ec7m.<\/p>\n<p>C\u00e1ch th\u1ef1c hi\u1ec7n qua giao di\u1ec7n IIS Manager:<\/p>\n<h4>B\u01b0\u1edbc 1: M\u1edf Internet Information Services (IIS) Manager.<\/h4>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-8995 size-full\" src=\"https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_4-2.png\" alt=\"\" width=\"812\" height=\"83\" srcset=\"https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_4-2.png 812w, https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_4-2-300x31.png 300w, https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_4-2-768x79.png 768w\" sizes=\"auto, (max-width: 812px) 100vw, 812px\" \/><\/p>\n<h4>B\u01b0\u1edbc 2: \u1ede c\u1ed9t b\u00ean tr\u00e1i, nh\u1ea5p ch\u1ecdn v\u00e0o t\u00ean Server (\u0111\u1ec3 \u00e1p d\u1ee5ng cho to\u00e0n c\u1ee5c) ho\u1eb7c ch\u1ecdn t\u1eebng Website c\u1ee5 th\u1ec3.<\/h4>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-8996 size-full aligncenter\" src=\"https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_5-2.png\" alt=\"\" width=\"255\" height=\"210\" \/><\/p>\n<h4>B\u01b0\u1edbc 3: \u1ede khung ch\u00ednh gi\u1eefa, t\u00ecm v\u00e0 nh\u1ea5p \u0111\u00fap v\u00e0o t\u00ednh n\u0103ng Output Caching.<\/h4>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-8997 size-full aligncenter\" src=\"https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_6-1.png\" alt=\"\" width=\"829\" height=\"466\" srcset=\"https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_6-1.png 829w, https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_6-1-300x169.png 300w, https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_6-1-768x432.png 768w\" sizes=\"auto, (max-width: 829px) 100vw, 829px\" \/><\/p>\n<h4>B\u01b0\u1edbc 4. \u1ede c\u1ed9t <em>Actions<\/em> b\u00ean ph\u1ea3i, nh\u1ea5p v\u00e0o m\u1ee5c <strong>Edit Feature Settings&#8230;.<\/strong><\/h4>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-8998 size-full\" src=\"https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_7-1.png\" alt=\"\" width=\"1179\" height=\"522\" srcset=\"https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_7-1.png 1179w, https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_7-1-300x133.png 300w, https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_7-1-1024x453.png 1024w, https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_7-1-768x340.png 768w\" sizes=\"auto, (max-width: 1179px) 100vw, 1179px\" \/><\/p>\n<h4>B\u01b0\u1edbc 5: B\u1ecf d\u1ea5u tick \u1edf \u00f4 Enable kernel cache &gt; Nh\u1ea5n OK.<\/h4>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-8999 size-full aligncenter\" src=\"https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_8-2.png\" alt=\"\" width=\"401\" height=\"292\" srcset=\"https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_8-2.png 401w, https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_8-2-300x218.png 300w\" sizes=\"auto, (max-width: 401px) 100vw, 401px\" \/><\/p>\n<h4>B\u01b0\u1edbc 6: restart l\u1ea1i IIS \u0111\u1ec3 app d\u1ee5ng c\u1ea5u h\u00ecnh.<\/h4>\n<p><em>(L\u01b0u \u00fd: Vi\u1ec7c t\u1eaft Kernel Cache s\u1ebd l\u00e0m gi\u1ea3m t\u1ed1c \u0111\u1ed9 x\u1eed l\u00fd c\u1ee7a website v\u00e0 gi\u1ea3m kh\u1ea3 n\u0103ng ch\u1ecbu t\u1ea3i c\u1ee7a CPU. V\u00ec v\u1eady, \u0111\u00e2y ch\u1ec9 l\u00e0 bi\u1ec7n ph\u00e1p t\u1ea1m th\u1eddi, qu\u1ea3n tr\u1ecb vi\u00ean c\u1ea7n \u01b0u ti\u00ean tham kh\u1ea3o v\u00e0 th\u1ef1c hi\u1ec7n c\u1eadp nh\u1eadt b\u1ea3n v\u00e1 tr\u1ef1c ti\u1ebfp t\u1eeb Microsoft trong th\u1eddi gian s\u1edbm nh\u1ea5t).<\/em><\/p>\n<h3>IV. C\u00e1ch c\u1eadp nh\u1eadt ch\u00ednh th\u1ee9c<\/h3>\n<p>V\u00ec HTTP.sys l\u00e0 th\u00e0nh ph\u1ea7n l\u00f5i (Kernel-mode driver) c\u1ee7a Windows. C\u00e1ch duy nh\u1ea5t \u0111\u1ec3 kh\u1eafc ph\u1ee5c tri\u1ec7t \u0111\u1ec3 l\u1ed7 h\u1ed5ng n\u00e0y l\u00e0 c\u00e0i \u0111\u1eb7t b\u1ea3n v\u00e1 b\u1ea3o m\u1eadt ch\u00ednh th\u1ee9c t\u1eeb Microsoft.<\/p>\n<h4>Ph\u01b0\u01a1ng ph\u00e1p 1: C\u1eadp nh\u1eadt qua Windows Update (Khuy\u1ebfn ngh\u1ecb)<\/h4>\n<ol>\n<li>Truy c\u1eadp Settings &gt; Update &amp; Security &gt; Windows Update.<\/li>\n<li>Nh\u1ea5p v\u00e0o Check for updates v\u00e0 t\u1ea3i xu\u1ed1ng b\u1ea3n c\u1eadp nh\u1eadt t\u00edch l\u0169y (Cumulative Update) m\u1edbi nh\u1ea5t.<\/li>\n<li>Ti\u1ebfn h\u00e0nh c\u00e0i \u0111\u1eb7t v\u00e0 kh\u1edfi \u0111\u1ed9ng l\u1ea1i m\u00e1y ch\u1ee7.<\/li>\n<\/ol>\n<h4>Ph\u01b0\u01a1ng ph\u00e1p 2: C\u1eadp nh\u1eadt th\u1ee7 c\u00f4ng qua PowerShell<\/h4>\n<p>D\u00e0nh cho qu\u1ea3n tr\u1ecb vi\u00ean mu\u1ed1n thao t\u00e1c nhanh tr\u00ean c\u00e1c m\u00e1y ch\u1ee7 Core:<\/p>\n<p>PowerShell<\/p>\n<p># C\u00e0i \u0111\u1eb7t module Windows Update (n\u1ebfu ch\u01b0a c\u00f3)<\/p>\n<blockquote><p>Install-Module PSWindowsUpdate -Force<\/p><\/blockquote>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-9000 size-full\" src=\"https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_9-1.png\" alt=\"\" width=\"928\" height=\"119\" srcset=\"https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_9-1.png 928w, https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_9-1-300x38.png 300w, https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_9-1-768x98.png 768w\" sizes=\"auto, (max-width: 928px) 100vw, 928px\" \/><\/p>\n<p># T\u00ecm ki\u1ebfm, c\u00e0i \u0111\u1eb7t b\u1ea3n c\u1eadp nh\u1eadt v\u00e0 t\u1ef1 \u0111\u1ed9ng kh\u1edfi \u0111\u1ed9ng l\u1ea1i<\/p>\n<blockquote><p>Get-WindowsUpdate -Install -AcceptAll -AutoReboot<\/p><\/blockquote>\n<p><strong>Ki\u1ec3m tra l\u1ea1i sau khi kh\u1edfi \u0111\u1ed9ng (X\u00e1c minh b\u1ea3n v\u00e1):<\/strong> Sau khi m\u00e1y ch\u1ee7 ho\u00e0n t\u1ea5t kh\u1edfi \u0111\u1ed9ng l\u1ea1i, qu\u1ea3n tr\u1ecb vi\u00ean c\u1ea7n ki\u1ec3m tra \u0111\u1ec3 ch\u1eafc ch\u1eafn r\u1eb1ng b\u1ea3n c\u1eadp nh\u1eadt \u0111\u00e3 \u0111\u01b0\u1ee3c c\u00e0i \u0111\u1eb7t th\u00e0nh c\u00f4ng. M\u1edf PowerShell v\u00e0 ch\u1ea1y l\u1ec7nh sau:<\/p>\n<p>PowerShell<\/p>\n<blockquote><p>Get-HotFix | Sort-Object InstalledOn -Descending<\/p><\/blockquote>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-9001 size-full aligncenter\" src=\"https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_10-1.png\" alt=\"\" width=\"658\" height=\"189\" srcset=\"https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_10-1.png 658w, https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_10-1-300x86.png 300w\" sizes=\"auto, (max-width: 658px) 100vw, 658px\" \/><\/p>\n<p><em>(L\u01b0u \u00fd: Ki\u1ec3m tra k\u1ebft qu\u1ea3 tr\u1ea3 v\u1ec1, n\u1ebfu b\u1ea3n c\u1eadp nh\u1eadt t\u00edch l\u0169y (Cumulative Update) c\u1ee7a th\u00e1ng hi\u1ec7n t\u1ea1i \u0111\u00e3 xu\u1ea5t hi\u1ec7n tr\u00ean c\u00f9ng v\u1edbi ng\u00e0y c\u00e0i \u0111\u1eb7t (InstalledOn) l\u00e0 h\u00f4m nay, h\u1ec7 th\u1ed1ng c\u1ee7a b\u1ea1n \u0111\u00e3 \u0111\u01b0\u1ee3c v\u00e1 l\u1ed7i an to\u00e0n).<\/em><\/p>\n<h3>V. L\u01b0u \u00fd quan tr\u1ecdng<\/h3>\n<ul>\n<li>B\u1eaft bu\u1ed9c kh\u1edfi \u0111\u1ed9ng l\u1ea1i: V\u00ec http.sys ch\u1ea1y trong Kernel, vi\u1ec7c c\u00e0i \u0111\u1eb7t b\u1ea3n v\u00e1 s\u1ebd y\u00eau c\u1ea7u kh\u1edfi \u0111\u1ed9ng l\u1ea1i (Reboot) h\u1ec7 \u0111i\u1ec1u h\u00e0nh m\u1edbi c\u00f3 hi\u1ec7u l\u1ef1c. H\u00e3y l\u00ean l\u1ecbch b\u1ea3o tr\u00ec (Maintenance Window) h\u1ee3p l\u00fd \u0111\u1ec3 kh\u00f4ng l\u00e0m gi\u00e1n \u0111o\u1ea1n doanh nghi\u1ec7p.<\/li>\n<li>H\u1ec7 th\u1ed1ng \u1ea3o h\u00f3a\/Cloud: N\u1ebfu b\u1ea1n \u0111ang s\u1eed d\u1ee5ng c\u00e1c m\u00e1y ch\u1ee7 \u1ea3o (Cloud Server) t\u1ea1i Long V\u00e2n, b\u1ea1n c\u00f3 th\u1ec3 t\u1ea1o Snapshot \u1ed5 \u0111\u0129a h\u1ec7 th\u1ed1ng (OS Drive) tr\u01b0\u1edbc khi th\u1ef1c hi\u1ec7n update \u0111\u1ec3 \u0111\u1ea3m b\u1ea3o an to\u00e0n, d\u1ec5 d\u00e0ng kh\u00f4i ph\u1ee5c n\u1ebfu qu\u00e1 tr\u00ecnh c\u1eadp nh\u1eadt Windows g\u1eb7p l\u1ed7i xung \u0111\u1ed9t.<\/li>\n<\/ul>\n<p>Nh\u01b0 v\u1eady, Long V\u00e2n \u0111\u00e3 ho\u00e0n th\u00e0nh h\u01b0\u1edbng d\u1eabn x\u1eed l\u00fd l\u1ed7 h\u1ed5ng RCE nghi\u00eam tr\u1ecdng (CVE-2026-47291) tr\u00ean h\u1ec7 \u0111i\u1ec1u h\u00e0nh Windows, Ch\u00fac Qu\u00fd kh\u00e1ch th\u00e0nh c\u00f4ng !<\/p>\n","protected":false},"excerpt":{"rendered":"<p>M\u1ed9t l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt \u0111\u1eb7c bi\u1ec7t nghi\u00eam tr\u1ecdng c\u00f3 m\u00e3 \u0111\u1ecbnh danh CVE-2026-47291 (\u0110i\u1ec3m CVSS: 9.8 &#8211; Critical) v\u1eeba \u0111\u01b0\u1ee3c c\u00f4ng b\u1ed1 li\u00ean quan \u0111\u1ebfn th\u00e0nh ph\u1ea7n giao th\u1ee9c HTTP (HTTP.sys) tr\u00ean h\u1ec7 \u0111i\u1ec1u h\u00e0nh Windows. \u0110\u00e2y l\u00e0 l\u1ed7 h\u1ed5ng cho ph\u00e9p th\u1ef1c thi m\u00e3 t\u1eeb xa (RCE) nguy hi\u1ec3m nh\u1ea5t hi\u1ec7n nay, \u0111\u00f2i [&hellip;]<\/p>\n","protected":false},"author":32,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_oasis_is_in_workflow":0,"_oasis_original":0,"footnotes":""},"categories":[15],"tags":[458,263,460,65],"class_list":["post-8991","post","type-post","status-publish","format-standard","hentry","category-windows","tag-cve","tag-iis","tag-loi-bao-mat","tag-windows"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>H\u01b0\u1edbng d\u1eabn x\u1eed l\u00fd l\u1ed7 h\u1ed5ng RCE nghi\u00eam tr\u1ecdng (CVE-2026-47291) tr\u00ean Windows HTTP.sys - Long V\u00e2n<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/longvan.net\/cong-dong\/huong-dan-xu-ly-lo-hong-rce-nghiem-trong-cve-2026-47291-tren-windows-http-sys\/\" \/>\n<meta property=\"og:locale\" content=\"vi_VN\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"H\u01b0\u1edbng d\u1eabn x\u1eed l\u00fd l\u1ed7 h\u1ed5ng RCE nghi\u00eam tr\u1ecdng (CVE-2026-47291) tr\u00ean Windows HTTP.sys - Long V\u00e2n\" \/>\n<meta property=\"og:description\" content=\"M\u1ed9t l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt \u0111\u1eb7c bi\u1ec7t nghi\u00eam tr\u1ecdng c\u00f3 m\u00e3 \u0111\u1ecbnh danh CVE-2026-47291 (\u0110i\u1ec3m CVSS: 9.8 &#8211; Critical) v\u1eeba \u0111\u01b0\u1ee3c c\u00f4ng b\u1ed1 li\u00ean quan \u0111\u1ebfn th\u00e0nh ph\u1ea7n giao th\u1ee9c HTTP (HTTP.sys) tr\u00ean h\u1ec7 \u0111i\u1ec1u h\u00e0nh Windows. \u0110\u00e2y l\u00e0 l\u1ed7 h\u1ed5ng cho ph\u00e9p th\u1ef1c thi m\u00e3 t\u1eeb xa (RCE) nguy hi\u1ec3m nh\u1ea5t hi\u1ec7n nay, \u0111\u00f2i [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/longvan.net\/cong-dong\/huong-dan-xu-ly-lo-hong-rce-nghiem-trong-cve-2026-47291-tren-windows-http-sys\/\" \/>\n<meta property=\"og:site_name\" content=\"Long V\u00e2n\" \/>\n<meta property=\"article:published_time\" content=\"2026-06-26T01:18:47+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-06-26T01:20:19+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_1-2-e1782436596901.png\" \/>\n\t<meta property=\"og:image:width\" content=\"636\" \/>\n\t<meta property=\"og:image:height\" content=\"787\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Nguy\u1ec5n B\u00ecnh\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u0110\u01b0\u1ee3c vi\u1ebft b\u1edfi\" \/>\n\t<meta name=\"twitter:data1\" content=\"Nguy\u1ec5n B\u00ecnh\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u01af\u1edbc t\u00ednh th\u1eddi gian \u0111\u1ecdc\" \/>\n\t<meta name=\"twitter:data2\" content=\"11 ph\u00fat\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/longvan.net\\\/cong-dong\\\/huong-dan-xu-ly-lo-hong-rce-nghiem-trong-cve-2026-47291-tren-windows-http-sys\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/longvan.net\\\/cong-dong\\\/huong-dan-xu-ly-lo-hong-rce-nghiem-trong-cve-2026-47291-tren-windows-http-sys\\\/\"},\"author\":{\"name\":\"Nguy\u1ec5n B\u00ecnh\",\"@id\":\"https:\\\/\\\/longvan.net\\\/cong-dong\\\/#\\\/schema\\\/person\\\/0724e5bcec71b61fb8f56fff94ba2fc3\"},\"headline\":\"H\u01b0\u1edbng d\u1eabn x\u1eed l\u00fd l\u1ed7 h\u1ed5ng RCE nghi\u00eam tr\u1ecdng (CVE-2026-47291) tr\u00ean Windows HTTP.sys\",\"datePublished\":\"2026-06-26T01:18:47+00:00\",\"dateModified\":\"2026-06-26T01:20:19+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/longvan.net\\\/cong-dong\\\/huong-dan-xu-ly-lo-hong-rce-nghiem-trong-cve-2026-47291-tren-windows-http-sys\\\/\"},\"wordCount\":2042,\"publisher\":{\"@id\":\"https:\\\/\\\/longvan.net\\\/cong-dong\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/longvan.net\\\/cong-dong\\\/huong-dan-xu-ly-lo-hong-rce-nghiem-trong-cve-2026-47291-tren-windows-http-sys\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/longvan.net\\\/cong-dong\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/Screenshot_1-2-e1782436596901.png\",\"keywords\":[\"CVE\",\"iis\",\"l\u1ed7i b\u1ea3o m\u1eadt\",\"windows\"],\"articleSection\":[\"Windows\"],\"inLanguage\":\"vi\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/longvan.net\\\/cong-dong\\\/huong-dan-xu-ly-lo-hong-rce-nghiem-trong-cve-2026-47291-tren-windows-http-sys\\\/\",\"url\":\"https:\\\/\\\/longvan.net\\\/cong-dong\\\/huong-dan-xu-ly-lo-hong-rce-nghiem-trong-cve-2026-47291-tren-windows-http-sys\\\/\",\"name\":\"H\u01b0\u1edbng d\u1eabn x\u1eed l\u00fd l\u1ed7 h\u1ed5ng RCE nghi\u00eam tr\u1ecdng (CVE-2026-47291) tr\u00ean Windows HTTP.sys - Long V\u00e2n\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/longvan.net\\\/cong-dong\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/longvan.net\\\/cong-dong\\\/huong-dan-xu-ly-lo-hong-rce-nghiem-trong-cve-2026-47291-tren-windows-http-sys\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/longvan.net\\\/cong-dong\\\/huong-dan-xu-ly-lo-hong-rce-nghiem-trong-cve-2026-47291-tren-windows-http-sys\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/longvan.net\\\/cong-dong\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/Screenshot_1-2-e1782436596901.png\",\"datePublished\":\"2026-06-26T01:18:47+00:00\",\"dateModified\":\"2026-06-26T01:20:19+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/longvan.net\\\/cong-dong\\\/huong-dan-xu-ly-lo-hong-rce-nghiem-trong-cve-2026-47291-tren-windows-http-sys\\\/#breadcrumb\"},\"inLanguage\":\"vi\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/longvan.net\\\/cong-dong\\\/huong-dan-xu-ly-lo-hong-rce-nghiem-trong-cve-2026-47291-tren-windows-http-sys\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"vi\",\"@id\":\"https:\\\/\\\/longvan.net\\\/cong-dong\\\/huong-dan-xu-ly-lo-hong-rce-nghiem-trong-cve-2026-47291-tren-windows-http-sys\\\/#primaryimage\",\"url\":\"https:\\\/\\\/longvan.net\\\/cong-dong\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/Screenshot_1-2-e1782436596901.png\",\"contentUrl\":\"https:\\\/\\\/longvan.net\\\/cong-dong\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/Screenshot_1-2-e1782436596901.png\",\"width\":636,\"height\":787},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/longvan.net\\\/cong-dong\\\/huong-dan-xu-ly-lo-hong-rce-nghiem-trong-cve-2026-47291-tren-windows-http-sys\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Trang ch\u1ee7\",\"item\":\"https:\\\/\\\/longvan.net\\\/cong-dong\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"H\u01b0\u1edbng d\u1eabn x\u1eed l\u00fd l\u1ed7 h\u1ed5ng RCE nghi\u00eam tr\u1ecdng (CVE-2026-47291) tr\u00ean Windows HTTP.sys\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/longvan.net\\\/cong-dong\\\/#website\",\"url\":\"https:\\\/\\\/longvan.net\\\/cong-dong\\\/\",\"name\":\"Long V\u00e2n\",\"description\":\"C\u1ed9ng \u0110\u1ed3ng\",\"publisher\":{\"@id\":\"https:\\\/\\\/longvan.net\\\/cong-dong\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/longvan.net\\\/cong-dong\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"vi\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/longvan.net\\\/cong-dong\\\/#organization\",\"name\":\"Long V\u00e2n\",\"url\":\"https:\\\/\\\/longvan.net\\\/cong-dong\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"vi\",\"@id\":\"https:\\\/\\\/longvan.net\\\/cong-dong\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/longvan.net\\\/cong-dong\\\/wp-content\\\/uploads\\\/2025\\\/11\\\/cropped-logo-longvancloudsolution.png\",\"contentUrl\":\"https:\\\/\\\/longvan.net\\\/cong-dong\\\/wp-content\\\/uploads\\\/2025\\\/11\\\/cropped-logo-longvancloudsolution.png\",\"width\":1300,\"height\":330,\"caption\":\"Long V\u00e2n\"},\"image\":{\"@id\":\"https:\\\/\\\/longvan.net\\\/cong-dong\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/longvan.net\\\/cong-dong\\\/#\\\/schema\\\/person\\\/0724e5bcec71b61fb8f56fff94ba2fc3\",\"name\":\"Nguy\u1ec5n B\u00ecnh\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"vi\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/bfc4fdc8ef9d8e578c510f716eea05cd9320140e74bcb6606e43e0cf78961a9b?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/bfc4fdc8ef9d8e578c510f716eea05cd9320140e74bcb6606e43e0cf78961a9b?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/bfc4fdc8ef9d8e578c510f716eea05cd9320140e74bcb6606e43e0cf78961a9b?s=96&d=mm&r=g\",\"caption\":\"Nguy\u1ec5n B\u00ecnh\"},\"url\":\"https:\\\/\\\/longvan.net\\\/cong-dong\\\/author\\\/nguyenbinh\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"H\u01b0\u1edbng d\u1eabn x\u1eed l\u00fd l\u1ed7 h\u1ed5ng RCE nghi\u00eam tr\u1ecdng (CVE-2026-47291) tr\u00ean Windows HTTP.sys - Long V\u00e2n","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/longvan.net\/cong-dong\/huong-dan-xu-ly-lo-hong-rce-nghiem-trong-cve-2026-47291-tren-windows-http-sys\/","og_locale":"vi_VN","og_type":"article","og_title":"H\u01b0\u1edbng d\u1eabn x\u1eed l\u00fd l\u1ed7 h\u1ed5ng RCE nghi\u00eam tr\u1ecdng (CVE-2026-47291) tr\u00ean Windows HTTP.sys - Long V\u00e2n","og_description":"M\u1ed9t l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt \u0111\u1eb7c bi\u1ec7t nghi\u00eam tr\u1ecdng c\u00f3 m\u00e3 \u0111\u1ecbnh danh CVE-2026-47291 (\u0110i\u1ec3m CVSS: 9.8 &#8211; Critical) v\u1eeba \u0111\u01b0\u1ee3c c\u00f4ng b\u1ed1 li\u00ean quan \u0111\u1ebfn th\u00e0nh ph\u1ea7n giao th\u1ee9c HTTP (HTTP.sys) tr\u00ean h\u1ec7 \u0111i\u1ec1u h\u00e0nh Windows. \u0110\u00e2y l\u00e0 l\u1ed7 h\u1ed5ng cho ph\u00e9p th\u1ef1c thi m\u00e3 t\u1eeb xa (RCE) nguy hi\u1ec3m nh\u1ea5t hi\u1ec7n nay, \u0111\u00f2i [&hellip;]","og_url":"https:\/\/longvan.net\/cong-dong\/huong-dan-xu-ly-lo-hong-rce-nghiem-trong-cve-2026-47291-tren-windows-http-sys\/","og_site_name":"Long V\u00e2n","article_published_time":"2026-06-26T01:18:47+00:00","article_modified_time":"2026-06-26T01:20:19+00:00","og_image":[{"width":636,"height":787,"url":"https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_1-2-e1782436596901.png","type":"image\/png"}],"author":"Nguy\u1ec5n B\u00ecnh","twitter_card":"summary_large_image","twitter_misc":{"\u0110\u01b0\u1ee3c vi\u1ebft b\u1edfi":"Nguy\u1ec5n B\u00ecnh","\u01af\u1edbc t\u00ednh th\u1eddi gian \u0111\u1ecdc":"11 ph\u00fat"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/longvan.net\/cong-dong\/huong-dan-xu-ly-lo-hong-rce-nghiem-trong-cve-2026-47291-tren-windows-http-sys\/#article","isPartOf":{"@id":"https:\/\/longvan.net\/cong-dong\/huong-dan-xu-ly-lo-hong-rce-nghiem-trong-cve-2026-47291-tren-windows-http-sys\/"},"author":{"name":"Nguy\u1ec5n B\u00ecnh","@id":"https:\/\/longvan.net\/cong-dong\/#\/schema\/person\/0724e5bcec71b61fb8f56fff94ba2fc3"},"headline":"H\u01b0\u1edbng d\u1eabn x\u1eed l\u00fd l\u1ed7 h\u1ed5ng RCE nghi\u00eam tr\u1ecdng (CVE-2026-47291) tr\u00ean Windows HTTP.sys","datePublished":"2026-06-26T01:18:47+00:00","dateModified":"2026-06-26T01:20:19+00:00","mainEntityOfPage":{"@id":"https:\/\/longvan.net\/cong-dong\/huong-dan-xu-ly-lo-hong-rce-nghiem-trong-cve-2026-47291-tren-windows-http-sys\/"},"wordCount":2042,"publisher":{"@id":"https:\/\/longvan.net\/cong-dong\/#organization"},"image":{"@id":"https:\/\/longvan.net\/cong-dong\/huong-dan-xu-ly-lo-hong-rce-nghiem-trong-cve-2026-47291-tren-windows-http-sys\/#primaryimage"},"thumbnailUrl":"https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_1-2-e1782436596901.png","keywords":["CVE","iis","l\u1ed7i b\u1ea3o m\u1eadt","windows"],"articleSection":["Windows"],"inLanguage":"vi"},{"@type":"WebPage","@id":"https:\/\/longvan.net\/cong-dong\/huong-dan-xu-ly-lo-hong-rce-nghiem-trong-cve-2026-47291-tren-windows-http-sys\/","url":"https:\/\/longvan.net\/cong-dong\/huong-dan-xu-ly-lo-hong-rce-nghiem-trong-cve-2026-47291-tren-windows-http-sys\/","name":"H\u01b0\u1edbng d\u1eabn x\u1eed l\u00fd l\u1ed7 h\u1ed5ng RCE nghi\u00eam tr\u1ecdng (CVE-2026-47291) tr\u00ean Windows HTTP.sys - Long V\u00e2n","isPartOf":{"@id":"https:\/\/longvan.net\/cong-dong\/#website"},"primaryImageOfPage":{"@id":"https:\/\/longvan.net\/cong-dong\/huong-dan-xu-ly-lo-hong-rce-nghiem-trong-cve-2026-47291-tren-windows-http-sys\/#primaryimage"},"image":{"@id":"https:\/\/longvan.net\/cong-dong\/huong-dan-xu-ly-lo-hong-rce-nghiem-trong-cve-2026-47291-tren-windows-http-sys\/#primaryimage"},"thumbnailUrl":"https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_1-2-e1782436596901.png","datePublished":"2026-06-26T01:18:47+00:00","dateModified":"2026-06-26T01:20:19+00:00","breadcrumb":{"@id":"https:\/\/longvan.net\/cong-dong\/huong-dan-xu-ly-lo-hong-rce-nghiem-trong-cve-2026-47291-tren-windows-http-sys\/#breadcrumb"},"inLanguage":"vi","potentialAction":[{"@type":"ReadAction","target":["https:\/\/longvan.net\/cong-dong\/huong-dan-xu-ly-lo-hong-rce-nghiem-trong-cve-2026-47291-tren-windows-http-sys\/"]}]},{"@type":"ImageObject","inLanguage":"vi","@id":"https:\/\/longvan.net\/cong-dong\/huong-dan-xu-ly-lo-hong-rce-nghiem-trong-cve-2026-47291-tren-windows-http-sys\/#primaryimage","url":"https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_1-2-e1782436596901.png","contentUrl":"https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2026\/06\/Screenshot_1-2-e1782436596901.png","width":636,"height":787},{"@type":"BreadcrumbList","@id":"https:\/\/longvan.net\/cong-dong\/huong-dan-xu-ly-lo-hong-rce-nghiem-trong-cve-2026-47291-tren-windows-http-sys\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Trang ch\u1ee7","item":"https:\/\/longvan.net\/cong-dong\/"},{"@type":"ListItem","position":2,"name":"H\u01b0\u1edbng d\u1eabn x\u1eed l\u00fd l\u1ed7 h\u1ed5ng RCE nghi\u00eam tr\u1ecdng (CVE-2026-47291) tr\u00ean Windows HTTP.sys"}]},{"@type":"WebSite","@id":"https:\/\/longvan.net\/cong-dong\/#website","url":"https:\/\/longvan.net\/cong-dong\/","name":"Long V\u00e2n","description":"C\u1ed9ng \u0110\u1ed3ng","publisher":{"@id":"https:\/\/longvan.net\/cong-dong\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/longvan.net\/cong-dong\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"vi"},{"@type":"Organization","@id":"https:\/\/longvan.net\/cong-dong\/#organization","name":"Long V\u00e2n","url":"https:\/\/longvan.net\/cong-dong\/","logo":{"@type":"ImageObject","inLanguage":"vi","@id":"https:\/\/longvan.net\/cong-dong\/#\/schema\/logo\/image\/","url":"https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2025\/11\/cropped-logo-longvancloudsolution.png","contentUrl":"https:\/\/longvan.net\/cong-dong\/wp-content\/uploads\/2025\/11\/cropped-logo-longvancloudsolution.png","width":1300,"height":330,"caption":"Long V\u00e2n"},"image":{"@id":"https:\/\/longvan.net\/cong-dong\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/longvan.net\/cong-dong\/#\/schema\/person\/0724e5bcec71b61fb8f56fff94ba2fc3","name":"Nguy\u1ec5n B\u00ecnh","image":{"@type":"ImageObject","inLanguage":"vi","@id":"https:\/\/secure.gravatar.com\/avatar\/bfc4fdc8ef9d8e578c510f716eea05cd9320140e74bcb6606e43e0cf78961a9b?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/bfc4fdc8ef9d8e578c510f716eea05cd9320140e74bcb6606e43e0cf78961a9b?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/bfc4fdc8ef9d8e578c510f716eea05cd9320140e74bcb6606e43e0cf78961a9b?s=96&d=mm&r=g","caption":"Nguy\u1ec5n B\u00ecnh"},"url":"https:\/\/longvan.net\/cong-dong\/author\/nguyenbinh\/"}]}},"_links":{"self":[{"href":"https:\/\/longvan.net\/cong-dong\/wp-json\/wp\/v2\/posts\/8991","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/longvan.net\/cong-dong\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/longvan.net\/cong-dong\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/longvan.net\/cong-dong\/wp-json\/wp\/v2\/users\/32"}],"replies":[{"embeddable":true,"href":"https:\/\/longvan.net\/cong-dong\/wp-json\/wp\/v2\/comments?post=8991"}],"version-history":[{"count":4,"href":"https:\/\/longvan.net\/cong-dong\/wp-json\/wp\/v2\/posts\/8991\/revisions"}],"predecessor-version":[{"id":9020,"href":"https:\/\/longvan.net\/cong-dong\/wp-json\/wp\/v2\/posts\/8991\/revisions\/9020"}],"wp:attachment":[{"href":"https:\/\/longvan.net\/cong-dong\/wp-json\/wp\/v2\/media?parent=8991"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/longvan.net\/cong-dong\/wp-json\/wp\/v2\/categories?post=8991"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/longvan.net\/cong-dong\/wp-json\/wp\/v2\/tags?post=8991"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}