Microsoft: IIS Problem Raises CPU to 100%

Microsoft Security Response δημοσίευσε χθες μια προ for one denial of service (DOS) affecting the IIS (Internet Information Services), την τεχνολογία που χρησιμοποιούν οι web of Microsoft.

According to Microsoft, IIS servers running Windows 10 and Windows Server 2016 are affected by vulnerabilities when processing HTTP / 2 requests.

HTTP/2 is the latest version of the HTTP protocol that supports the World Wide Web (www), the part of the Internet on which they can have normal users through browsers.

Microsoft states that the IIS servers that process HTTP/2 can cause 100% CPU usage, slowing down the entire system.

Gal Goldshtein, software engineer at F5 Networks, was the one who discovered the problem. It is worth mentioning that in addition to the security warning ADV190005 released by Microsoft, to date no other information is available on this vulnerability.

The cumulative updates KB4487006, KB4487011, KB4487021 and KB4487029 released two days ago are supposed to fix the IIS bug we mentioned above.

According to after applying the updates, IIS administrators will be able to adjust the threshold of HTTP/2 requests and prevent the error that causes IIS to freeze and spike in system CPU resources.

"Limits must be set by the IIS administrator," the company said, "not set by Microsoft."

_________________

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).