Powered by ESDS®

Announcement

Collapse
No announcement yet.

Microsoft IIS Web Server HTTP.sys Remote Code Execution Vulnerability - CVE-2015-1635

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Microsoft IIS Web Server HTTP.sys Remote Code Execution Vulnerability - CVE-2015-1635

    Dear all,

    Microsoft just disclosed a serious vulnerability (MS15-034) on their IIS Web Server that allows for remote & unauthenticated Denial of Service (DoS) or Remote Code Execution (RCE) on un-patched Windows servers.

    This vulnerability exists in the HTTP protocol stack (HTTP.sys) that is caused when HTTP.sys improperly parses specially crafted HTTP requests. An attacker only needs to send a specially crafted HTTP request with the right header to exploit it. Remote Code Execution is used to describe an attacker’s ability to execute commands or arbitrary code of the attacker’s choice on a target machine from a remote location bypassing all security mechanisms & more importantly in the context of the System Account.

    Security updates are available & are rated Critical for all supported editions of Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2.

    Disabling IIS kernel caching may be helpful in mitigating this issue at some point, but installing the latest available updates from Microsoft Updates is recommended. The latest updates addresses the vulnerability by modifying how the Windows HTTP stack handles requests thus securing the servers from this exploit.

    Please contact our technical support team 24x7, if you face any challenges with updating your servers/systems & we'd be glad to help you with this.
    Regards,
    Viraj
ban-img
Working...
X