Slashdot Mirror


Remote Code Execution Vulnerability Found In Windows HTTP Stack

jones_supa writes: A remote code execution vulnerability exists in the Windows HTTP stack that is caused when HTTP.SYS parses specially-crafted HTTP requests. An attacker who has successfully exploited this vulnerability could execute arbitrary code under the SYSTEM context. Details of the bug are withheld, but exploit code is floating around. Microsoft describes the issue in security bulletin MS15-034. An update (KB3042553) is already available for all supported editions of Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2. As a workaround, Microsoft offers disabling IIS kernel caching.


  1. Re:Why the hell ... by Z00L00K · Score: 3, Interesting

    It's easier that way - no need to be concerned with rights management. You can also get performance benefits from having it as a kernel driver.

    But we also see the disadvantages - security holes.

    I suspect that this also influences Windows XP, and it's quite interesting that a lot of ATMs and other embedded systems still use XP.

    --
    If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.