Microsoft Windows Updates for MS15-034 and MS15-041
Issue
On April 14, 2015, Microsoft released an update to address a critical vulnerability in the HTTP protocol stack, HTTP.sys.
SecureAuth recommends that all customers apply the security update MS15-034 (KB3042553) to SecureAuth IdP Appliances within their infrastructure as soon as possible. Security experts, including the SANS Institute, have warned of publicly available denial-of-service exploits targeting Microsoft IIS Web servers in the wild.
Applies to
SecureAuth IdP Version | OS Version |
---|---|
7.x+ |
|
Resolution
MS15-034: HTTP.sys Remote Code Execution Vulnerability – April 14, 2015
A remote code execution vulnerability exists in the HTTP protocol stack (HTTP.sys) that is caused when HTTP.sys improperly parses specially crafted HTTP requests. An attacker who successfully exploited this vulnerability could execute arbitrary code in the context of the System account. To exploit this vulnerability, an attacker would have to send a specially crafted HTTP request to the affected system.
Warning
Apply the MS15-034 update as soon as possible. This update addresses the vulnerability by modifying how the Windows HTTP stack handles requests.
Visit the SecureAuth Service Status & Alerts page for cloud services status, patching information, and alerts.
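To confirm the update landed on every appliance, the check below reports whether KB3042553 is recorded as installed on each host. It is an added example, not SecureAuth or Microsoft code; the host names and the function name `Test-Ms15034Patch` are placeholders chosen for illustration, and it assumes the account running it can query the hosts remotely.

```powershell
# Added example: report whether KB3042553 (MS15-034) is installed per host.
# Host names are placeholders (assumption); replace them with your appliances.
$Appliances = @('idp-appliance-01.example.internal',
                'idp-appliance-02.example.internal')

function Test-Ms15034Patch {
    param(
        [Parameter(Mandatory = $true)][string[]]$ComputerName,
        [string]$HotFixId = 'KB3042553'
    )
    foreach ($computer in $ComputerName) {
        $status = 'QueryFailed'
        $installedOn = $null
        $detail = $null
        try {
            # List every recorded update, then filter. An empty result then
            # means "not recorded", while an exception means the host could
            # not be queried at all, so the two cases stay distinct.
            $all = @(Get-HotFix -ComputerName $computer -ErrorAction Stop)
            $hit = @($all | Where-Object { $_.HotFixID -eq $HotFixId })
            if ($hit.Count -gt 0) {
                $status = 'Installed'
                $installedOn = $hit[0].InstalledOn
            }
            else {
                # Get-HotFix reads Win32_QuickFixEngineering. A later update
                # that supersedes this KB would not appear under this ID, so
                # treat Missing as "review this host", not as proof.
                $status = 'Missing'
            }
        }
        catch {
            $detail = $_.Exception.Message
        }
        [pscustomobject]@{
            ComputerName = $computer
            HotFixId     = $HotFixId
            Status       = $status
            InstalledOn  = $installedOn
            Detail       = $detail
        }
    }
}

Test-Ms15034Patch -ComputerName $Appliances |
    Sort-Object Status, ComputerName |
    Format-Table -AutoSize
```

Hosts reported as `Missing` or `QueryFailed` are the ones to follow up on before considering the rollout complete.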
References
SANS Institute
MS15-034: HTTP.sys (IIS) DoS And Possible Remote Code Execution. PATCH NOW
Windows HTTP Protocol Stack Flaw is Being Actively Exploited (April 16, 2015)
Microsoft
MS15-034: HTTP.sys Remote Code Execution Vulnerability - April 14, 2015