SIMonline

Service receive & sending SMS

Windows servers are vulnerable to DoS attacks, Microsoft warns

1742   |     /   Security

Windows servers are vulnerable to DoS attacks, Microsoft warns
Microsoft told users that Windows servers running IIS are vulnerable to denial of service (DoS) attacks based on malicious HTTP / 2 requests.




The virtual number service will help to create and confirm any account on any site without using a real phone number to activate the account.

According to the tech giant, sending specially crafted HTTP / 2 requests can lead to a 100% jump in the machine’s CPU until IIS stops malicious connections.

“The HTTP / 2 specification allows clients to specify any number of SETTINGS frames with any number of SETTINGS parameters. In some situations, excessive settings can cause the services to become unstable and cause a temporary burst of CPU utilization until the connection timeout expires and the connection is closed, ”Microsoft said in a statement.

The vulnerability affects Windows 10, Windows Server, and Windows Server 2016. The February non-security updates released by Microsoft this week should resolve this issue by allowing IIS administrators to determine thresholds for the number of HTTP / 2 settings included in the request.

However, Microsoft noted that released updates do not define any default values, and IIS administrators must do this on their own. The knowledge base article, which should provide information on how to do this, was not available at the time of writing.

Microsoft pays tribute to Gal Goldstein of F5 Networks for reporting the vulnerability. It is worth noting that a similar flaw, tracked as CVE-2018-16844, was recently discovered by Goldstein in the nginx open source web server software.

“The lack of Microsoft IIS can cause serious problems for organizations using IIS for their corporate website or applications. Although Microsoft has developed a fix to fix this problem, the IT department still needs to configure IIS correctly so that the problem cannot be created. Microsoft, in particular, stated that they did not provide presets, and therefore solving the problem is more than just applying a fix, ”said Justin Jett, Audit and Compliance Director at Plixer.

“IT should use network analytics to view connections to their IIS servers to determine if they have connections to web servers that can cause these problems. Often these connections are long-lived, or the original connection is constantly repeated to cause a problem on the server. By looking at these metrics, IT teams can determine the source of DDoS. These types of problems can be resolved with the correct configuration. Network traffic analytics can help you understand where there might be configuration problems, so the system can be updated before serious problems such as DDoS attacks occur, ”Jett added.


Similar news


Cyberattacks using the WinRAR ACE archive

WinRAR, a popular data compression tool used by more than 500 million users around the world, is vulnerable to serious vulnerabilities that could allow arbitrary code execution through specially created ACE archives.

Vulnerability of Drupal Could Allow Remote Code Execution

Security updates released for the Drupal Content Management System (CMS) fix an “extremely critical” vulnerability that can be used to remotely execute code.

Cloud Security Issues

Companies are increasingly moving sensitive data to the cloud, but cybersecurity, including the human factor and technology, is still a problem for many, according to a new report published by Oracle and KPMG.



SIMONLINE.SU

This is not only a service for receiving and sending SMS messages to virtual numbers, but also a tutorial on user safety in the modern world, the latest developments in IT, social media security, fresh programs and lessons that simplify our lives. So are other issues encountered by the average user. In simple words, each user will find for themselves something interesting or answers to their questions.

SIMonline © 2018 - 2025

All rights reserved