Welcome to the sunlit uplands of HTTP/2, where a naughty request can send Microsoft's IIS into a spin

It's patching time again for Windows Server 2016 and Windows 10
Updated Oops! Microsoft has published an advisory on a bug in its Internet Information Services (IIS) product that allows a malicious HTTP/2 request to send CPU usage to 100 per cent.…