MS.Windows.HTTP2.Data.Dribble.DoS
Description
This indicates an attack attempt to exploit a Denial of Service Vulnerability in Microsoft Windows Server.
A remote, unauthenticated attacker can exploit this vulnerability on a Windows system running IIS. By sending a continuous steam of crafted HTTP/2 frames, the attacker can cause a significant resource exhaustion on the target server, and leading to a potential denial-of-service condition especially if a distributed network of source machines are employed.
Affected Products
Microsoft Windows 10
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft Windows Server version 1803 (Server Core Installation)
Microsoft Windows Server version 1903 (Server Core installation)
Impact
Denial of Service: Remote attackers can crash vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-9511
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |