Posted on 04/15/2015 7:33:51 PM PDT by Utilizer
A remote code execution vulnerability exists in the HTTP protocol stack (HTTP.sys) that is caused when HTTP.sys improperly parses specially crafted HTTP requests. An attacker who successfully exploited this vulnerability could execute arbitrary code in the context of the System account.
To exploit this vulnerability, an attacker would have to send a specially crafted HTTP request to the affected system. The update addresses the vulnerability by modifying how the Windows HTTP stack handles requests.
(Excerpt) Read more at ma.ttias.be ...
My Win7 computer ate 16 updates from MS today. Took forever, too! Is it possible this patch was included?It was likely included. If you run Windows Update, you can check the list of installed updates. The update you want is KB3042553. If it is not, you can download the update separately, if you want. Here is a list of links for various Windows versions.
Must be secure, since it's alleged to be under USSS protection! But, really, what difference does it make?
Nope, BCR got it right, although you don't actually need the Mint version to host a web site. The server version will do just fine.
The key is, anyone with a half a brain knows, Linux is the OS to use if you want to serve websites.
Yeah, well, good luck with that if your enterprise requires the use of Microsoft Exchange Server, Active Directory Certificate Services, or SharePoint Server...
All REQUIRE IIS to use their full functionality.
Sometimes a system admin needs to know how to lock down/secure what he has been given to work with... Installing Linux is not an option for those roles.
Ick. Don't need that crap!
The goal should always be to streamline the enterprise and cut out the dead wood. Boosts productivity!
And in a 200 person IT department filled with policies, procedures, change management protocols and a executive staff wined and dined by vendors you’re going to get them to accept your idea of what’s crap or not?
Reality is a bee-otch. I don’t think you work in IT.
Well, I got a notice yesterday, that I have 14 critical updates - but after what I’ve been through the past two weeks, I’m not so sure I want to do this.
So, I’m asking what this newest set of updates are all about and what are my risks ..??
thanks
Thanks for the ping.
Shhh... calm down Babs. You know he's probably management. When you work in the ivory tower, everything is as simple as "how much will it cost?"
BFL
I am glad for an alternatives to Windows, and run Xubuntu on a old laptop dual booting with XP, having tried every major and a few minor distros and found Xubuntu/Xfce the best for older HW.
However, it is only a supplement as i always find is lacking the degree of functionality I can easily achieve in Windows (thank God). Besides lacking legal codecs for certain media, sometimes it is the security which prevents me from dealing with my own files, or things like the ability to just right click on an icon in the application menu and find the location, or the lack of Windows equivalent software, or Wine to run the Win versions.
I just installed Xubuntu on a rig with a 2.8ghz cpu and 4 gb ram, but cannot find a easy reliable way to remap the Caps key to ctrl+c, and the Esc key to ctrl+v, and NumLock to Esc, which i do because of my arthritic fingers (Keyboard > Layouts does not do it). Using AutoHotKey this is easy in Windows. Or a app like Quick Paste. There are others, like PhoneTrayFree and T-Clock.
And downloading Dropbox took about 10 minutes, while in Windows it takes seconds. But thank God for Firefox and Apache or Libre Office, as i can migrate the user profiles from Windows.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.