https://www.overtsoftware.com/wp-content/uploads/2014/10/logo6-e-300x209.png 0 0 ossadmin https://www.overtsoftware.com/wp-content/uploads/2014/10/logo6-e-300x209.png ossadmin2015-04-16 09:09:482015-04-16 09:09:48IIS Denial of Service Vulnerability CVE-2015-1635
A recent exploit (CVE-2015-1635) affecting IIS was released yesterday. The exploit is a Denial of Service (DoS) vulnerability in the HTTP.sys.
Versions of Windows that are vulnerable:
Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2. HTTP.sys is used by any version of IIS running on one of these operating systems.
A patch was released on Tuesday April 14th as part of Microsoft’s Patch Tuesday, we recommend that you patch your IIS affected servers as soon as possible to avoid any potential DoS exploits.
More detailed information of the vulnerability can be found here https://isc.sans.edu/diary/
MS15-034%3A+HTTP.sys+%28IIS% 29+DoS+And+Possible+Remote+ Code+Execution.+PATCH+NOW/ 19583