Microsoft Security advisory released a new flaw in IIS server that Microsoft said the system CPU usage to spike to 100% when malicious HTTP/2 requests are sent to a Windows Server. The potential vulnerability affected with both IIS software versions Windows 10 and Windows Server 2016. Microsoft added the ability to define a threshold on the number of requests included in a request and Microsoft added a threshold. The new bug affects both versions of the IIS and Microsoft’s version of the web server that supports HTTP, HTTPS, FTP, FTPS, SMTP and NNTP.”]

