Mitigating Remote Code Execution in "HTTP.sys" (CVE-2015-1635)
A critical Windows vulnerability in its HTTP stack ("HTTP.sys"), which was resolved in a recent Microsoft's Patch Tuesday release, could allow remote attackers to execute code on an IIS server with t...
Additonal mitigations have been published:
Using iRules - https://devcentral.f5.com/s/articles/using-irules-to-mitigate-microsofts-ms15-034-cve-2015-1635-range-vulnerability
Using LineRate - https://devcentral.f5.com/s/articles/linerate-range-header-attack-mitigation