What is it?

A vulnerability in the HTTP.sys file of Microsoft Windows (versions 7, 8 and Server versions 2008-2012) could allow remote code execution if an attacker sends a specially crafted HTTP request to an affected Windows system.

The Microsoft link below provides a description and a list of the specific Windows versions affected by this vulnerability.

Why is it a risk?

An attacker who successfully exploited this vulnerability could execute arbitrary code in the context of the System account.

This is considered a CRITICAL vulnerability.

How can you mitigate the risk?

Patch your Microsoft Windows and/or Exchange Server to the latest version.

There is a link below to the “One-Click Microsoft Exchange On-Premises Mitigation Tool”; as of March 2021, this is the recommended method for patching your on-premises MS Exchange Server.

The Microsoft Safety Scanner Download link below provides a useful tool for testing your Exchange Server for a variety of security-related risks.

Resources:

Microsoft – Microsoft Security Bulletin MS15-034 – Critical

https://learn.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-034

Microsoft One-Click Microsoft Exchange On-Premises Mitigation Tool

https://msrc-blog.microsoft.com/2021/03/15/one-click-microsoft-exchange-on-premises-mitigation-tool-march-2021/

Microsoft Safety Scanner Download

https://docs.microsoft.com/en-us/microsoft-365/security/intelligence/safety-scanner-download?view=o365-worldwide
