Dear all,

Microsoft just disclosed a serious vulnerability (MS15-034) in their IIS Web Server that allows remote, unauthenticated Denial of Service (DoS) or Remote Code Execution (RCE) on unpatched Windows servers.

This vulnerability exists in the HTTP protocol stack (HTTP.sys) and is caused when HTTP.sys improperly parses specially crafted HTTP requests. An attacker only needs to send a specially crafted HTTP request with the right header to exploit it. Remote Code Execution describes an attacker's ability to execute commands or arbitrary code of the attacker's choice on a target machine from a remote location, bypassing all security mechanisms and, more importantly, running in the context of the System account.

Security updates are available & are rated Critical for all supported editions of Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2.

Disabling IIS kernel caching may help mitigate this issue, but installing the latest available updates/patches from Microsoft Windows Update is recommended. The latest updates address the vulnerability by modifying how the Windows HTTP stack handles requests, thus securing the servers against this exploit.
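
One way to check a server for both measures above, as an added example that is not part of the original notice or Microsoft's own tooling: it reports whether the update is installed, records the HTTP.sys driver version, and lists where IIS kernel caching is still enabled. The `-KbId` parameter is a placeholder to fill in with the KB number from the MS15-034 bulletin, the `-DisableKernelCache` switch is a name chosen for this example, and the script assumes the IIS `WebAdministration` module is present and sticks to PowerShell 2.0 syntax.

```powershell
# Added example: audit one IIS host for the update and the kernel-cache workaround.
# $KbId is a placeholder parameter: pass the KB number listed in the MS15-034 bulletin.
param(
    [Parameter(Mandatory = $true)][string]$KbId,
    [switch]$DisableKernelCache   # hypothetical switch: apply the workaround when set
)

Import-Module WebAdministration -ErrorAction Stop

$filter = 'system.webServer/caching'
$root   = 'MACHINE/WEBROOT/APPHOST'

# 1. Patch state. Get-HotFix can miss an update that a later rollup superseded,
#    so treat "not found" as "verify manually", not as proof of exposure.
$hotfix = Get-HotFix -Id $KbId -ErrorAction SilentlyContinue

# 2. HTTP.sys driver version, recorded for inventory and comparison with the bulletin.
$driver = Get-Item (Join-Path $env:SystemRoot 'System32\drivers\http.sys')

# 3. Kernel caching state at server level and per site (a site can override the server).
$scopes = @($root) + @(Get-Website | ForEach-Object { "IIS:\Sites\$($_.Name)" })
$cache = foreach ($scope in $scopes) {
    $p = Get-WebConfigurationProperty -PSPath $scope -Filter $filter -Name 'enableKernelCache'
    New-Object PSObject -Property @{ Scope = $scope; KernelCacheEnabled = [bool]$p.Value }
}
$enabled = @($cache | Where-Object { $_.KernelCacheEnabled })

# Summary object, easy to collect from many hosts and export to CSV.
New-Object PSObject -Property @{
    Computer       = $env:COMPUTERNAME
    UpdateFound    = [bool]$hotfix
    HttpSysVersion = $driver.VersionInfo.FileVersion
    KernelCacheOn  = ($enabled | ForEach-Object { $_.Scope }) -join ', '
}

# 4. Optional workaround, applied only while the update is not found.
if ($DisableKernelCache -and -not $hotfix) {
    foreach ($row in $enabled) {
        Set-WebConfigurationProperty -PSPath $row.Scope -Filter $filter `
            -Name 'enableKernelCache' -Value $false
        Write-Warning "Kernel caching disabled at $($row.Scope); re-enable after patching."
    }
}
```

Run it from an elevated PowerShell prompt on the IIS host. Disabling kernel caching can reduce IIS performance, so treat it as temporary until the update is installed.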

Please contact our technical support team, available 24x7, if you face any challenges with updating your servers/systems & we'd be glad to help you with this.