IIS and CVE-2026-49975

Hello IIS Team,

our SOC Team informed us about the CVE-2026-49975 vulnerability in MS IIS.

I could'nt found any patch for this. So my question is - are there any plans for for a patch / hotfix or what can we do to fix this?

Greetings Rene

Source: 

https://blog.calif.io/p/codex-discovered-a-hidden-http2-bomb