Comparing 0patching with virtual patching on CVE-2017-7269 [placeholder]

Mitja Kolsek, Apr 3, 2017

CVE-2017-7269 - WebDAV buffer overflow on Windows Server 2003

Virtual patching solutions:

  • https://devcentral.f5.com/articles/iis-60-webdav-buffer-overflow-25953 - provides the regex "/^If: <http:\/\/[^>]*?[\x80-\xFF]{5}/Hm"

  • https://blog.qualys.com/webappsec/2017/03/30/protect-against-critical-iis-6-0-buffer-overflow-vulnerability-cve-2017-7269-with-qualys-waf - more cautious about signatures: "Keep in mind that checking for specific IF header values may not be effective if new exploits patterns are disclosed in future and whitelisting of HTTP methods might be the better approach. If you really have a need to support the PROPFIND method, you can check for IF header values."

  • https://www.checkpoint.com/defense/advisories/public/2017/cpai-2017-0249.html#protection - no details on how it protects

  • http://blog.trendmicro.com/trendlabs-security-intelligence/iis-6-0-vulnerability-leads-code-execution/ - no details on how it protects

  • https://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=29071 - an "attack signature" for this issue 

  • https://www.mysonicwall.com/sonicalert/searchresults.aspx?ev=article&id=1024 - mentions a signature
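
The two mitigation styles in the list above, the regex signature quoted from F5 and the HTTP method allowlisting that Qualys prefers, can be compared on the same requests. The following Python is an added example, not code from any of the linked vendors; the function name, the default method policy and the sample requests are constructed, and the reading of the regex's "H" and "m" modifiers is an assumption.

```python
import re

# Python form of the regex quoted from the F5 article. Assumption: the trailing
# "H" limits matching to the HTTP headers and "m" makes "^" match per line.
IF_SIGNATURE = re.compile(rb"^If: <http://[^>]*?[\x80-\xFF]{5}", re.MULTILINE)

# Constructed policy: a site that does not need WebDAV allows only these.
DEFAULT_ALLOWED = frozenset({b"GET", b"HEAD", b"POST"})


def inspect_request(raw: bytes, allowed_methods=DEFAULT_ALLOWED) -> str:
    """Return 'allow', 'block:method', 'block:signature' or 'block:malformed'."""
    head, _, _body = raw.partition(b"\r\n\r\n")
    request_line, _, headers = head.partition(b"\r\n")
    parts = request_line.split(b" ")
    if len(parts) != 3:
        return "block:malformed"
    # Method allowlisting comes first: it does not depend on the exploit's shape.
    if parts[0] not in allowed_methods:
        return "block:method"
    # The signature is the fallback when PROPFIND must stay enabled.
    if IF_SIGNATURE.search(headers):
        return "block:signature"
    return "allow"


# Constructed sample requests (not captured traffic).
BENIGN_GET = b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"
BENIGN_PROPFIND = (b"PROPFIND /docs HTTP/1.1\r\nHost: example.test\r\n"
                   b"If: <http://example.test/docs> (<opaquelocktoken:constructed>)\r\n\r\n")
HIGH_BYTE_PROPFIND = (b"PROPFIND / HTTP/1.1\r\nHost: example.test\r\n"
                      b"If: <http://example.test/\x80\x81\x82\x83\x84>\r\n\r\n")
WEBDAV_ALLOWED = DEFAULT_ALLOWED | {b"PROPFIND"}

if __name__ == "__main__":
    for name, req in [("GET", BENIGN_GET), ("PROPFIND", BENIGN_PROPFIND),
                      ("PROPFIND+high bytes", HIGH_BYTE_PROPFIND)]:
        print(name, inspect_request(req), inspect_request(req, WEBDAV_ALLOWED))
```

With the default policy every PROPFIND is rejected before any header is examined; the signature only decides the outcome once PROPFIND has been added to the allowlist.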