To all IT Professionals:


A Microsoft  vulnerability could allow remote code execution if an attacker sends a specially crafted HTTP request to an affected Windows system.


This security update is rated Critical  and should be patched ASAP for all supported editions of Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2. For more information, see the Affected Software section linked below.


The security update addresses the vulnerability by modifying how the Windows HTTP stack handles requests. For more information about the vulnerability, see the Vulnerability Information section.


To read the full Security Bulletin and get more information, click the following Link:



Departments fully managed by ITS will have the updates automatically distributed.  Departments using SCCM and/or Casper to manage their own devices should enable the updates for distribution to their users.  For more information about how you can take advantage of the Enterprise Desktop Services provided by ITS, please visit



Michael Rutt | Sr. Security Analyst | [log in to unmask] | 402-472-0933














Michael Rutt|Sr. ITS Security Analyst|University of Nebraska - Lincoln|402-472-0933 |[log in to unmask]|

126 501 Building|Lincoln NE 68588-0203