none
无法更新补丁 MS15-034: Vulnerability in HTTP.sys Could Allow Remote Code Execution (3042553) (uncredentialed check) RRS feed

  • 问题

  • 目前手头有两个服务器,被扫描出这两个漏洞,但是已经使用windows update进行更新,但是扫描结果依然存在;操作系统版本为 Server2011 sbs std,和server2008 sp2(非R2);2011 sbs std,电话微软客服已经没有补丁更新了。有没有那位知道如何更新这补丁的。另外请教下在符合版权的要求下,server08 能升级成08 R2吗。

    扫描漏洞结果

    <section style="margin:0px;padding:0px 0px 3rem;border:0px;font-variant-numeric:inherit;font-size:13px;line-height:inherit;font-family:'Helvetica Neue', 'Segoe UI', helvetica, arial, sans-serif;color:#333333;">
    Description
    The version of Windows running on the remote host is affected by an integer overflow condition in the HTTP protocol stack (HTTP.sys) due to improper parsing of crafted HTTP requests. An unauthenticated, remote attacker can exploit this to execute arbitrary code with System privileges.
    </section>
    <section style="margin:0px;padding:0px 0px 3rem;border:0px;font-variant-numeric:inherit;font-size:13px;line-height:inherit;font-family:'Helvetica Neue', 'Segoe UI', helvetica, arial, sans-serif;color:#333333;">
    Solution
    Microsoft has released a set of patches for Windows 7, 2008 R2, 8, 8.1, 2012, and 2012 R2
    </section>
    <section style="margin:0px;padding:0px 0px 3rem;border:0px;font-variant-numeric:inherit;font-size:13px;line-height:inherit;font-family:'Helvetica Neue', 'Segoe UI', helvetica, arial, sans-serif;color:#333333;">

    </section>

    2018年4月14日 3:15

全部回复