MS15-034 - Vulnerability in HTTP.sys Could Allow Remote Code Execution

Bulletin ID: 

MS15-034

Severity: 

Critical

Description: 

This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sends a specially crafted HTTP request to an affected Windows system.
Revision Note: V1.1 (April 22, 2015): Bulletin revised to correct the update replacement entries for Windows 8 and Windows Server 2012 in the Affected Software table. This is an informational change only. There were no changes to the update files. Customers who have already successfully updated their systems do not need to take any action.

Security advisory: 

Related content