Jump to content
QuoVadis

IIS Denial of Service Vulnerability

Recommended Posts

Primit acum cateva momente de la compania de hosting:

A recent exploit (CVE-2015-1635) affecting IIS was released yesterday. The exploit is a Denial of Service (DoS) vulnerability in the HTTP.sys.

Versions of Windows that are vulnerable:

Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2. HTTP.sys is used by any version of IIS running on one of these operating systems.

A patch was released on Tuesday April 14th as part of Microsoft's Patch Tuesday, we recommend that you patch your IIS affected servers as soon as possible to avoid any potential DoS exploits.

More detailed information of the vulnerability can be found here https://isc.sans.edu/diary/MS15-034%3A+HTTP.sys+%28IIS%29+DoS+And+Possible+Remote+Code+Execution.+PATCH+NOW/19583

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...