Kaspersky Threats

KLA10550
Code execution vulnerability in Microsoft HTTPS.sys

Updated: 06/18/2020

Detect date ?	04/14/2015
Severity ?	Critical
Description	An unspecified vulnerability was found in Microsoft products. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed HTTP request.
Affected products	Windows 7 x86, x64 Service Pack 1 Windows Server 2008 R2 x64, Itanium Service Pack 1 Windows 8 x86, x64 Windows 8.1 x86, x64 Windows Server 2012, 2012 R2
Solution	Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories	MS15-034 CVE-2015-1635
Impacts ?	ACE [?]
Related products	Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows 7 Microsoft Windows Server 2008
CVE-IDS ?	CVE-2015-163510.0Critical
Microsoft official advisories	Microsoft Security Update Guide
KB list	3042553
Exploitation	The following public exploits exists for this vulnerability: https://www.exploit-db.com/exploits/36776 https://www.exploit-db.com/exploits/36773 Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.