
Microsoft IIS DoS Vulnerability

Microsoft has released details of a vulnerability in their Internet Information Services (IIS) product. A remote threat actor could exploit this vulnerability to cause a denial-of-service condition on an affected system.




Affected platforms

The following platforms are known to be affected:

Threat details

The vulnerability is a result of IIS improperly handling HTTP/2 SETTINGS frames. In certain situations, frames with excessive SETTINGS parameters can cause IIS to become unstable, resulting in transient CPU usage spikes.


Remediation steps


Microsoft added the ability to define the maximum threshold for SETTINGS parameters in their February non-security updates. Users and administrators are encouraged to apply these updates and review Microsoft security advisory ADV190005.
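
The per-frame parameter limit described above, sketched as an added example (not Microsoft's code and not part of the original advisory): a Python check that walks captured HTTP/2 frames and flags SETTINGS frames whose parameter count exceeds a threshold. The threshold of 32, the function names and the sample bytes are assumptions constructed for illustration; the frame layout follows RFC 7540.

```python
import struct

FRAME_HEADER_LEN = 9   # RFC 7540 section 4.1: length(3) type(1) flags(1) stream(4)
SETTINGS_TYPE = 0x4    # RFC 7540 section 6.5
ACK_FLAG = 0x1
SETTING_LEN = 6        # 16-bit identifier + 32-bit value
ASSUMED_LIMIT = 32     # assumed threshold for illustration, not a Microsoft value


def audit_settings(stream: bytes, limit: int = ASSUMED_LIMIT):
    """Walk HTTP/2 frames (connection preface already removed); return one
    (offset, parameter_count, verdict) per SETTINGS frame or truncated tail."""
    findings, pos = [], 0
    while pos + FRAME_HEADER_LEN <= len(stream):
        length = int.from_bytes(stream[pos:pos + 3], "big")
        ftype, flags = stream[pos + 3], stream[pos + 4]
        stream_id = int.from_bytes(stream[pos + 5:pos + 9], "big") & 0x7FFFFFFF
        end = pos + FRAME_HEADER_LEN + length
        if end > len(stream):
            findings.append((pos, 0, "truncated"))
            break
        if ftype == SETTINGS_TYPE:
            # SETTINGS is connection-level: stream 0, payload a multiple of
            # six bytes, and an ACK must carry no payload at all.
            if stream_id != 0 or length % SETTING_LEN or (flags & ACK_FLAG and length):
                findings.append((pos, 0, "malformed"))
            else:
                count = length // SETTING_LEN
                verdict = "over-limit" if count > limit else "ok"
                findings.append((pos, count, verdict))
        pos = end
    return findings


def build_settings(params, flags=0):
    """Encode (identifier, value) pairs as one SETTINGS frame (sample input)."""
    payload = b"".join(struct.pack(">HI", ident, value) for ident, value in params)
    header = len(payload).to_bytes(3, "big") + bytes([SETTINGS_TYPE, flags]) + bytes(4)
    return header + payload


# Constructed sample: a 3-parameter frame, an ACK, then 40 repeated parameters.
SAMPLE = (build_settings([(0x3, 100), (0x4, 65535), (0x5, 16384)])
          + build_settings([], flags=ACK_FLAG)
          + build_settings([(0x4, 65535)] * 40))

if __name__ == "__main__":
    for offset, count, verdict in audit_settings(SAMPLE):
        print(f"offset={offset} params={count} verdict={verdict}")
```

A capture-side check like this only observes the parameter count; enforcement on IIS itself comes from the update and the settings documented in ADV190005.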


Last edited: 14 February 2020 2:44 pm