vulnerability
Microsoft Windows: CVE-2018-8226: HTTP.sys Denial of Service Vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Jun 12, 2018 | Jun 12, 2018 | Sep 5, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
Jun 12, 2018
Added
Jun 12, 2018
Modified
Sep 5, 2025
Description
A denial of service vulnerability exists in the HTTP 2.0 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP 2.0 requests, aka "HTTP.sys Denial of Service Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
Solutions
microsoft-windows-windows_10-1507-kb4284860microsoft-windows-windows_10-1607-kb4284880microsoft-windows-windows_10-1703-kb4284874microsoft-windows-windows_10-1709-kb4284819microsoft-windows-windows_10-1803-kb4284835microsoft-windows-windows_server_2016-1607-kb4284880
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.