+32 11 711030

Very critical Windows Server Vulnerability

We are informing you of a very critical Windows Vulnerability named MS15-034.
The vulnerability allows an attacker to send a specially crafted HTTP request to a Windows System to allow Remote Code Execution (RCE).

More details are here: https://technet.microsoft.com/library/security/MS15-034

This attack affects all version of Windows Server 2008 and 2012 running the IIS webserver. Server 2003 seems not affected at this time.

Since this attack can be triggered via a simple HTTP request, every server running the IIS webserver is potentially vulnerable.

We urge you to install the necessary Windows Updates as soon as possible and reboot your system afterwards.

Microsoft has not given the specific details of how to exploit this leak yet, so it's a matter of time before attackers can reverse engineer the Windows patch.

Source: Nucleus