Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Microsoft: fix security issue with non-security update. Instructions point to non-exi
#1
Information 
Quote:[Image: microsoft-windows-security-update-not-found.png]

Can things get any worse than this? Microsoft published a security advisory yesterday -- ADV190005 | Guidance to adjust HTTP/2 SETTINGS frames -- which affects Windows Server running Internet Information Services (IIS).

The security issue could be abused to cause CPU usage to increase to 100% until the malicious HTTP/2 "connections are killed by IIS".

The advisory recommends to administrators that they install the February non-security updates for the version of Windows 10 that is installed on an affected device. Microsoft released cumulative updates for all supported versions of Windows 10 on the February Patch Tuesday that included security updates.

The updates that Microsoft refers to in the advisory were released this week for Windows 10 version 1607 to 1803 (the update for Windows 10 version 1809 is being tested in the Release Preview ring currently) and the related Windows Server versions.
[-] The following 2 users say Thank You to harlan4096 for this post:
  • darktwilight, silversurfer
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
GFYI [Official] EaseUS Data Recovery Wi...
I utilize EaseUS Par...zevish — 08:10
MultCloud 500GB Data Traffic Lifetime wi...
MultCloud offers a c...zevish — 07:59
O&O SafeErase Professional 17 Lifetime G...
O&O SafeErase Pr...zevish — 07:43
IM-Magic Partition Resizer Pro [PC]
IM-Magic Partition R...zevish — 07:27
ActivePresenter
ActivePresenter ...mertxgreen2 — 00:00

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>