Mitigating Remote Code Execution in "HTTP.sys" (CVE-2015-1635)

A critical Windows vulnerability in its HTTP stack ("HTTP.sys"), which was resolved in a recent Microsoft's Patch Tuesday release, could allow remote attackers to execute code on an IIS server with t...

Published Apr 15, 2015

Version 1.0

Historic F5 Account

Joined May 04, 2019

View Profile

MegaZone

SIRT

Apr 22, 2015

Additonal mitigations have been published: Using iRules - https://devcentral.f5.com/s/articles/using-irules-to-mitigate-microsofts-ms15-034-cve-2015-1635-range-vulnerability Using LineRate - https://devcentral.f5.com/s/articles/linerate-range-header-attack-mitigation

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

Mitigating Remote Code Execution in "HTTP.sys" (CVE-2015-1635)

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS