
Microsoft IIS

Product
The name of the base system (platform): Windows NT
Developers: Microsoft
Last Release Date: 2019/02
Technology: Corporate Portals

Content

2022: Kaspersky Lab discovered a difficult-to-detect SessionManager backdoor

Kaspersky Lab experts discovered a difficult-to-detect backdoor, SessionManager. It allows attackers to gain access to corporate IT infrastructure and perform a wide range of malicious actions: read corporate mail, distribute malware and remotely manage infected servers. Kaspersky Lab announced this on July 1, 2022. Attackers introduce the malware remotely in the form of a module for Microsoft IIS.

2019: Vulnerability fixed

On February 21, 2019, it became known that Microsoft had fixed a vulnerability in its Internet Information Services (IIS) web server technology that could be used to disable a computer. With its help, an attacker can cause a 100% load on the central processor by forcing IIS to process a specially formed HTTP/2 request, and thereby provoke a denial of service.

According to Microsoft's notification, in certain circumstances, when processing HTTP/2 requests, the IIS set of servers loads the CPU to 100% and can cause a slowdown, or even a complete shutdown, of the computer.

The problem was discovered by F5 Networks specialist Gal Goldshtein. As of February 2019, there are no other descriptions of the vulnerability besides the official notification from Microsoft. As specified in the notification, the HTTP/2 specification allows the client to specify any number of SETTINGS frames with any number of SETTINGS parameters. In some cases, too many SETTINGS can make services unstable and cause a temporary spike in CPU load until the connection times out.

Microsoft fixed the problem by implementing the ability to set a limit on the number of SETTINGS parameters in the HTTP/2 request that IIS is able to process. The vulnerability was fixed this week with the release of the KB4487006, KB4487011, KB4487021 and KB4487029 updates. The limit on the number of SETTINGS parameters is not set by default, and after deploying the patches, system administrators must set it themselves[1].
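As an added illustration (not code from Microsoft or from this page), the Python below shows the kind of limit described above: it walks the HTTP/2 frames on a connection and rejects it once the SETTINGS parameters exceed a per-frame or per-connection threshold. The function names, the two threshold names and the sample traffic are assumptions constructed for the example and are not IIS configuration values.

```python
import struct

SETTINGS, ACK = 0x4, 0x1   # frame type and flag from the HTTP/2 spec (RFC 9113, 6.5)

def settings_frame(params, flags=0):
    """Build a constructed SETTINGS frame for the sample input below."""
    payload = b"".join(struct.pack(">HI", ident, value) for ident, value in params)
    header = struct.pack(">BHBBI", len(payload) >> 16, len(payload) & 0xFFFF,
                         SETTINGS, flags, 0)
    return header + payload

def check_settings(data, max_per_frame, max_per_conn):
    """Walk the HTTP/2 frames in `data` (the bytes after the client preface).

    Returns ("ok", total_parameters) or ("reject", reason). Both limits are
    hypothetical names chosen for this example.
    """
    total, pos = 0, 0
    while pos + 9 <= len(data):
        # 9-byte frame header: 24-bit length, type, flags, 32-bit stream id
        hi, lo, ftype, flags, _stream = struct.unpack_from(">BHBBI", data, pos)
        length = (hi << 16) | lo
        end = pos + 9 + length
        if end > len(data):
            break                      # partial frame: wait for more bytes
        if ftype == SETTINGS:
            if flags & ACK:
                if length:
                    return ("reject", "SETTINGS ACK with payload")
            elif length % 6:
                return ("reject", "SETTINGS length not a multiple of 6")
            else:
                count = length // 6    # each parameter: 16-bit id + 32-bit value
                if count > max_per_frame:
                    return ("reject", f"{count} parameters in one frame")
                total += count
                if total > max_per_conn:
                    return ("reject", f"{total} parameters on connection")
        pos = end
    return ("ok", total)

# Constructed sample traffic: a typical opening exchange, then repeated frames.
normal = settings_frame([(0x3, 100), (0x4, 65535)]) + settings_frame([], ACK)
noisy = settings_frame([(0x4, 65535)] * 8) * 5
```

With limits of 32 per frame and 32 per connection, `check_settings(normal, 32, 32)` accepts the first buffer, while `noisy` is rejected on its fifth frame.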

2010

IIS is a set of servers for multiple Internet services from Microsoft. It is distributed with Windows NT operating systems.

As of August 2010, the main component of IIS is a web server that allows you to host sites on the Internet. IIS supports HTTP, HTTPS, FTP, POP3, SMTP, NNTP.

Notes