Discord Server Twitter Donation Youtube
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
News Microsoft publishes security alert on IIS bug that causes 100% CPU usage spikes
[Image: Microsoft10.jpg]

        Microsoft recently sent out a security advisory in regards to a DDOS attack that was targeting its IIS [Internet Information Services] Microsoft's web server technology. Microsoft stated that their IIS servers had been shipped with a vulnerability that was hampering the processing of HTTP/2 requests. 

    HTTP/2 is the latest in the line of HTTP protocols that underpins what is known as the world wide web. Microsoft stated that the IIS server's incorrectly processing their HTTP/2 requests lead to CPU usage spikes that reached 100%, henceforth, slowing and halting the entire system. 

    In the advisory, Microsoft stated thus: 

    The HTTP/2 specification allows clients to specify any number of SETTINGS frames with any number of SETTINGS parameters. In some situations, excessive settings can cause services to become unstable and may result in a temporary CPU usage spike until the connection timeout is reached and the connection is closed.

    As of the writing of this article, all bugs and holes, according to vendors, both 1st and 3rd party, have been patched. 

     Original article can be found here.

      That was the news folks, have a good week, and stay safe out there.


01001001 00100000 01000001 01001101 00100000 01011010 01001111 01000100 01001001 01000001 01000011

Users browsing this thread: 1 Guest(s)