WA000-WI6082 IIS6 - The EnableNonUTF8 registry key must be disabled.

Details

Http.sys is the kernel mode driver that handles HTTP requests. There are several registry keys associated with http.sys. The EnableNonUTF8 registry key expands the amount of character types the web server accepts. Hackers can use this capability to submit content in a URL that can execute in the CPU by means of a buffer overflow.


Solution

1. Open the registry editor.
2. Navigate to the following location in the registry: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters.
3. Set the value for the EnableNonUTF8 key to REG_DWORD 0 or add the key and set it to REG_DWORD 0.


Supportive Information

The following resource is also helpful.

This security hardening control applies to the following category of controls within NIST 800-53: System and Information Integrity.This control applies to the following type of system Windows.


References


Source