Tom Talks Microsoft Teams and Microsoft 365 Collaboration news and opinions

MS15-034 / KB3042553 IIS Vulnerability affects Lync Servers: Get Patching Now

An Internet Information Server (IIS) vulnerability can be used to remotely crash Windows Servers. The patch was released on Tuesday (April 14th) as part of Microsoft’s Patch Tuesday.

Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2 are all affected. HTTP.sys is used by any version of IIS running on one of these operating systems. HTTP.sys was introduced with IIS 6.

Patch details:

MSFT Security Bulletin:

Details from SANS: here


Patch download:

Download 2012 and R2:

Download 2008 R2:


You could look at using Reverse Proxy rules to block this malformed URL request, but it appears to be pretty complicated. Best to get the patch out as soon as you can. Requires a server restart.

Since Lync Servers uses IIS, while this is not a Lync code issue, it does affect Lync Servers as lync Servers serve HTTPS content. It logically should mainly affect Front End/Standard Editions and Office Web Apps, but probably makes sense to patch the whole estate.


Proof of Concept

I have replicated the issue in my lab with curl and a specifically crafted URL (which I won’t post, as it took a little more crafting that what is public, but not much)



Running the curl Get against the pool with no credentials to the Server/Lync


System then reboots:



Requires Reboot

Verify Install (PowerShell):

Get-HotFix | Where-Object {$_.HotFixID -eq “KB3042553”}



After install the crafted URL had no impact:


About the author

Tom Arbuthnot

A Microsoft MVP and Microsoft Certified Master, Tom Arbuthnot is Principal Solutions Architect at Microsoft Collaboration specialists Modality Systems.

Tom stays up to date with industry developments and shares news and his opinions on his blog, Microsoft Teams Podcast and email list. He is a regular speaker at events around the world.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Tom Talks Microsoft Teams and Microsoft 365 Collaboration news and opinions