Remote Code Execution Via HTTP Request In IIS On Windows

Patching time. A remote code execution vulnerability exists in the HTTP protocol stack (HTTP.sys) that is caused when HTTP.sys improperly parses specially crafted HTTP requests. An attacker who successfully exploited this vulnerability could execute arbitrary code in the context of the System accoun…

Click to view the original at