Endpoint Vulnerability

Microsoft: HTTP.sys Denial of Service Vulnerability

Description

A denial of service vulnerability exists in the HTTP 2.0 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP 2.0 requests. An attacker who successfully exploited the vulnerability could create a denial of service condition, causing the target system to become unresponsive.

Affected Products

Windows 10,Windows Server 2016,Windows Server, version 1709 (Server Core Installation),Windows Server, version 1803 (Server Core Installation)

References

CVE-2018-8226,