in Security, Windows Server

How to patch Windows server 2012 R2 to resolve the MS15-034 vulnerability

The vulnerability could allow remote code execution if an attacker sends a specially crafted HTTP request to an affected Windows system. All Windows servers 2008 R2 and 2012 are affected!

Windows Update seems to have done the trick automatically for my 2008 R2 servers but the 2012 servers are still affected after installing the latest updates.

How to check if you are affected?

If you have a Linux server lying around, type this command:

wget --header="Range: bytes=18-18446744073709551615" http://serverip/iis-85.png

Please note that if your server is affected, it will instantly get a blue screen and restart so be careful

In case you don’t have a linux server, you may be able to check if you are affected on this location: https://lab.xpaw.me/MS15-034/

Here’s the blue screen I got on an affected server after sending the invalid HTTP request:

Blue screen caused by the MS15-034 vulnerability

How to patch?

Well, it’s pretty easy. You need to manually download the patch from Microsoft and install. A restart is reqiured.

Write a Comment

Comment