Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Microsoft Windows HTTP.sys and IIS localhost HTTP/2 disruption after recent updates

Service Disruption
First reported
Last updated
Happening score
H score 0
1 unique sources, 1 articles

Summary

Hide ▲

Microsoft fixed a known issue that broke HTTP/2 localhost (127.0.0.1) connections and IIS websites on affected Windows systems, disrupting local apps and web services. The bug affected Windows 11 and Windows Server 2025 users and produced ERR_CONNECTION_RESET and ERR_HTTP2_PROTOCOL_ERROR failures. Microsoft tied the problem to HTTP.sys and said it could appear after recent updates, restarts, and connectivity changes. Many devices were remediated with Known Issue Rollback (KIR), while enterprise systems still need a policy-based workaround until a future Windows update ships.

Related Happenings

Microsoft Windows Server 2016 domain controller discovery failure after KB5087537

Service Disruption
First: 26.05.2026 10:41 Last: 26.05.2026 10:41 Sources 1

About this happening: Microsoft confirmed a **known issue** in **Windows Server 2016** after **KB5087537** that can prevent **domain controller discovery**, disrupting administrative operations and app...

Open Happening

Microsoft Windows Update restricted-network download failure

Service Disruption
First: 19.05.2026 14:22 Last: 19.05.2026 14:22 Sources 1

About this happening: Microsoft's **Windows Update** is failing in **restricted network environments** after the **January 2026 optional non-security preview updates**, leaving affected systems unable...

Open Happening

Windows cldflt.sys MiniPlasma privilege escalation zero-day privilege-escalation flaw

Vulnerability
First: 18.05.2026 07:59 Last: 18.05.2026 07:59 Sources 1

About this happening: **MiniPlasma** is a **Windows privilege-escalation zero-day** in **cldflt.sys** that can give attackers **SYSTEM** privileges on **fully patched Windows systems**. The flaw affect...

Open Happening

Microsoft Windows Autopatch fix for EU restricted driver update deployment bug

Security Tool/Service
First: 13.05.2026 17:36 Last: 13.05.2026 17:36 Sources 1

About this happening: **Microsoft** fixed a **Windows Autopatch** service bug that let **restricted driver updates** reach some managed devices in the **EU**, bypassing admin approval controls and crea...

Open Happening

Windows DNS heap-based buffer overflow remote code execution flaw (CVE-2026-41096)

Vulnerability
First: 13.05.2026 13:36 Last: 13.05.2026 13:36 Sources 1

About this happening: Microsoft patched **CVE-2026-41096**, a **heap-based buffer overflow** in **Windows DNS** that could let an unauthorized attacker execute code remotely on vulnerable Windows syste...

Open Happening

Timeline

  1. 17.10.2025 16:58 2 articles · 7mo ago

    Microsoft mitigates localhost HTTP/2 regression on Windows

    Mitigation Patch Update

    Microsoft fixed a known issue in Windows 11 and Windows Server 2025 where recent Windows security updates caused HTTP/2 localhost (127.0.0.1) connection resets and IIS website failures, producing ERR_CONNECTION_RESET and ERR_HTTP2_PROTOCOL_ERROR for apps and services that rely on HTTP.sys and ASP.NET Core. Windows users had reported failures on Stack Exchange, Reddit, and Microsoft forums, and Microsoft linked the problem to HTTP.sys, recommended checking for updates and restarting impacted devices, automatically resolved many non-managed business and home devices through Known Issue Rollback (KIR), and directed enterprise-managed Windows 11 24H2, Windows 11 25H2, and Windows Server 2025 systems to install the KIR group policy until a future Windows update ships.

    Show sources
    Open in new tab