This indicates an attack attempt to exploit a Denial of Service Vulnerability in Microsoft Windows Server.
A remote, unauthenticated attacker can exploit this vulnerability in a Windows HTTP/2 Server by sending crafted requests to the target server. Successful exploitation will cause the server process to abnormally terminate, resulting in a denial-of-service condition.
This signature will use track and rate feature. The default threshold for the signature is 100 attempts in 1 second.
Microsoft Windows 10
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft Windows Server version 1803 (Server Core Installation)
Microsoft Windows Server version 1903 (Server Core installation)
Denial of Service: Remote attackers can crash vulnerable systems.
Apply the most recent upgrade or patch from the vendor.