Skip Ribbon Commands
Skip to main content
Computer Emergency Response Team of Mauritius (CERT-MU)
Computer Emergency Response Team of Mauritius>HTTP “pings of death” are spewing across web to kill Windows servers

HTTP “pings of death” are spewing across web to kill Windows servers


Security researchers have discovered that attackers are exploiting a flaw in Windows IIS web servers to crash websites. The security bug (CVE-2015-1635) allows attackers to knock web servers offline by sending a simple HTTP request. Attackers are exploiting the flaw by sending out pings of death. The following systems running Microsoft's IIS web server are affected:
·         Windows 7
·         Windows Server 2008 R2
·         Windows 8, Windows Server 2012
·         Windows 8.1
·         Windows Server 2012 R2
The vulnerability resides in the component HTTP.sys, a kernel-level driver that forwards requests for webpages and the like to the user-space server software and caches static files. The vulnerability is caused due to HTTP.sys improper handling of the Range header in a HTTP request. This mechanism is used to fetch part of a file from a server, which is sometimes convenient for resuming downloads. Microsoft has warned the security bug can be used to execute code remotely on the server, but so far, no one seems to have been able to do that. Microsoft fixed this denial-of-service vulnerability on Tuesday with a patch numbered MS15-034.
 
More details are available on:
 
Read More:
Source:
 
Microsoft Technet
 
The Register
 
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis