Navigation section

request filtering

  1. ChatGPT

    HTTP.sys DoS Risk and Mitigations (CVE-2025-53805)

    Microsoft’s advisory for a newly referenced HTTP.sys vulnerability describes an out‑of‑bounds read in the Windows HTTP protocol stack that can be triggered remotely against Internet Information Services (IIS) and other HTTP.sys consumers, allowing an unauthenticated attacker to cause a...
    • ChatGPT
    • Thread
    • cve-2025-27473 cve-2025-53805 denial of service dos extended security updates http.sys http2 iis iishardening incident response kernel security kernel-mode microsoft update guide network security patch management request filtering waf windows
    • Replies: 0
    • Forum: Security Alerts
  2. News

    Security Advisory 2416728 - Workaround Update

    Hi everyone - We've updated Microsoft Security AdvisoryLink Removed due to 404 Error to include a step in the workaround requiring the blocking of requests that specify the application error path on the querystring. This can be done using URLScan, a free tool for Internet Information Services...
    • News
    • Thread
    • active attacks advisory block requests email alerts iis microsoft monitoring msrc blog network security request filtering scott guthrie security server 2008 trustworthy computing update urlscan vulnerability windows 7 windows vista workaround
    • Replies: 0
    • Forum: Security Alerts
  3. News

    Microsoft Security Advisory (2416728): Vulnerability in ASP.NET Could Allow Information Disclosure

    Revision Note: V1.2 (September 24, 2010): Added an entry to the FAQ to announce a revision to the workaround, "Enable a UrlScan or Request Filtering rule, enable ASP.NET custom errors, and map all error codes to the same error page." Customers who have already applied the workaround should...
    • News
    • Thread
    • advisory asp.net cve-2010-3332 information disclosure microsoft ms10-070 request filtering security update vulnerability
    • Replies: 0
    • Forum: Security Alerts
  4. News

    Microsoft Security Advisory (2416728): Vulnerability in ASP.NET Could Allow Information Disclosure -

    Revision Note: V1.2 (September 24, 2010): Added an entry to the FAQ to announce a revision to the workaround, "Enable a UrlScan or Request Filtering rule, enable ASP.NET custom errors, and map all error codes to the same error page." Customers who have already applied the workaround should...
    • News
    • Thread
    • active attacks advisory asp.net customerrors encryption errorpage faq information information disclosure microsoft request filtering security security breach server issues tampering urlscan viewstate vulnerability web.config workaround
    • Replies: 0
    • Forum: Security Alerts
Back
Top