You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2025-53805
About this tag
Discussions on WindowsForum.com about CVE-2025-53805 focus on a reported out-of-bounds read vulnerability in the Windows HTTP protocol stack (HTTP.sys). This flaw can be triggered remotely against Internet Information Services (IIS) and other HTTP.sys consumers, allowing an unauthenticated attacker to cause a denial-of-service over the network. However, users note that the CVE identifier could not be located in major public trackers at the time of reporting, advising caution until vendor pages and NVD records are synchronized. The tag covers mitigation strategies and verification steps for this specific HTTP.sys DoS risk.
Microsoft’s advisory for a newly referenced HTTP.sys vulnerability describes an out‑of‑bounds read in the Windows HTTP protocol stack that can be triggered remotely against Internet Information Services (IIS) and other HTTP.sys consumers, allowing an unauthenticated attacker to cause a...