Article ID: 125232, created on Apr 16, 2015, last review on Apr 20, 2015

  • Applies to:
  • Virtuozzo containers for Windows


A remote code execution vulnerability exists in the HTTP protocol stack (HTTP.sys) that is caused when HTTP.sys improperly parses specially crafted HTTP requests. An attacker who successfully exploited this vulnerability could execute arbitrary code in the context of the System account.

To exploit this vulnerability, an attacker would have to send a specially crafted HTTP request to the affected system. The update addresses the vulnerability by modifying how the Windows HTTP stack handles requests.

Request is using the Range-header to trigger a buffer overflow and detect if the system is vulnerable or not. When sending such a request, it can trigger a blue screen on the Windows Server, effectively rendering it offline.


MS15-034 security vulnerability. More details can be found at

Vulnerable Server systems (including Server Core installations):

  • Windows Server 2008 R2 for x64-based Systems Service Pack 1

  • Windows Server 2012

  • Windows Server 2012 R2


The security update should be applied after first installing the applicable Virtuozzo for Windows update:

  • PCW 6.0: VZU600022
  • PVC 4.6: VZU460084

After the relevant VZU update is installed, apply the latest Microsoft update depending on the OS version you use:

Search Words

Microsoft Security Bulletin MS15-034 - Critical



965b49118115a610e93635d21c5694a8 2897d76d56d2010f4e3a28f864d69223 d02f9caf3e11b191a38179103495106f

Email subscription for changes to this article
Save as PDF