Forum Discussion

Cirrus

Sep 20, 2010

iRule to address Microsoft Security Advisory (2416728)

Has anyone tried to address this security vulnerability with an iRule? For more information: Microsoft Security Advisory (2416728) Vulnerability in ASP.NET Could Allow Informa...

Altostratus

Sep 20, 2010

Seems like you could easily use rand() to randomize the delay but that's not how I'd do it.

1) Have a "when HTTP_RESPONSE" event look for error codes and send a 302 to a custom error page.

2) Have a "when HTTP_RESPONSE" event look for error codes and send a 200 along with the actual HTML from the LTM.

Either way we avoid sending the user a pre-canned 404 or 500.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

iRule to address Microsoft Security Advisory (2416728)

F5 Academy at AppWorld 2026

Aswin MK - November 2025 Featured Member

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

CVE mitigation on F5 XC vs classic F5 WAF

Could not communicate with the system. Try to reload page.

F5 XC 503 upstream_reset_before_response_started{protocol_error}

UCS Encryption Question

BIG-IP VE: 40G Throughput from 4x10G physical NICs

Related Content

Quarterly Security Notification October 2025

Microsoft SharePoint and Microsoft Exchange December 2020 Security Update

Positive Security vs. Negative Security: A Comparison Using F5's Security Portfolio

BIG-IP security hardening and compliance checks

Microsoft's Strike on Cybercriminals and SFX backdoor- April 1st-April 7th - This Week in Security

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS