
====================================================================

                                 CERT-Renater

                      Information Note No. 2016/VULN169
_____________________________________________________________________

DATE                : 13/04/2016

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Windows 10 versions running HTTP.sys.

======================================================================
KB3148795
https://technet.microsoft.com/en-us/library/security/MS16-049
_____________________________________________________________________

Microsoft Security Bulletin MS16-049: Security Update for HTTP.sys
(3148795)

Bulletin Number: MS16-049

Bulletin Title: Security Update for HTTP.sys

Severity: Important

KB Article: 3148795

Version: 1.0

Published Date: April 12, 2016


Executive Summary

This security update resolves a vulnerability in Microsoft Windows. The
vulnerability could allow denial of service if an attacker sends a
specially crafted HTTP packet to a target system.

This security update is rated Important for all supported editions of
Microsoft Windows 10. For more information.

The update addresses the vulnerability by modifying how the Windows
HTTP protocol stack handles HTTP 2.0 requests. For more information
about the vulnerability.


Affected Software

Windows 10 for 32-bit Systems [1]

Windows 10 for x64-based Systems [1]

Windows 10 Version 1511 for 32-bit Systems [1]

Windows 10 Version 1511 for x64-based Systems [1]

[1] Windows 10 updates are cumulative. The monthly security release
includes all security fixes for vulnerabilities that affect Windows 10,
in addition to non-security updates.


Vulnerability Information

HTTP.sys Denial of Service Vulnerability - CVE-2016-0150

A denial of service vulnerability exists in the HTTP 2.0 protocol stack
(HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP 2.0
requests. An attacker who successfully exploited the vulnerability
could create a denial of service condition, causing the target system
to become unresponsive.

To exploit this vulnerability, an attacker could send a specially
crafted HTTP packet to a target system, causing the affected system to
become nonresponsive. The update addresses the vulnerability by
modifying how the Windows HTTP protocol stack handles HTTP 2.0
requests. Note that the denial of service vulnerability would not allow
an attacker to execute code or to elevate user rights.

The following table contains a link to the standard entry for each
vulnerability in the Common Vulnerabilities and Exposures list:

Vulnerability Title                        CVE number      Publicly disclosed  Exploited

HTTP.sys Denial of Service Vulnerability   CVE-2016-0150   No                  No
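The following triage script is an added example, not part of the advisory or of Microsoft's bulletin: it reports whether a host falls in the scope of MS16-049 (Windows 10 RTM or Version 1511, HTTP.sys active) and whether KB3148795 is listed as installed. The mapping of build numbers 10240 and 10586 to those two Windows 10 versions, the Win32_SystemDriver/UBR lookups, and the function name are assumptions not stated on the page.

```powershell
# Added triage check for MS16-049 / KB3148795 (CVE-2016-0150); not from the advisory.
# Assumes an elevated Windows PowerShell session on the host being assessed.
# Build-to-version mapping (10240 = Windows 10, 10586 = Windows 10 Version 1511)
# is general Windows knowledge, not stated on the page.
function Test-MS16049Exposure {
    [CmdletBinding()]
    param(
        [string]$KbId = 'KB3148795'   # KB article number from the bulletin
    )

    $os    = Get-CimInstance -ClassName Win32_OperatingSystem
    $build = [int]$os.BuildNumber
    # Update Build Revision: compare against the current cumulative update level.
    $ubr = (Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion').UBR

    $affectedBuilds = @{ 10240 = 'Windows 10'; 10586 = 'Windows 10 Version 1511' }
    $inScope = $affectedBuilds.ContainsKey($build)

    # HTTP.sys is the kernel driver registered as "HTTP"; if it is not running,
    # nothing on this host is parsing HTTP 2.0 requests through HTTP.sys.
    $drv = Get-CimInstance -ClassName Win32_SystemDriver -Filter "Name='HTTP'"
    $httpSysRunning = ($null -ne $drv) -and ($drv.State -eq 'Running')

    $kbListed = [bool](Get-HotFix -Id $KbId -ErrorAction SilentlyContinue)

    # Caveat taken from the bulletin: Windows 10 updates are cumulative, so a later
    # monthly release that supersedes this fix is reported under its own KB ID.
    # "KB absent" therefore means "verify Build.UBR against the latest cumulative",
    # not proof of exposure.
    [pscustomobject]@{
        ComputerName   = $env:COMPUTERNAME
        BuildUBR       = "$build.$ubr"
        Version        = if ($inScope) { $affectedBuilds[$build] } else { 'Not in MS16-049 scope' }
        InScope        = $inScope
        HttpSysRunning = $httpSysRunning
        KbListed       = $kbListed
        NeedsReview    = $inScope -and $httpSysRunning -and (-not $kbListed)
    }
}

Test-MS16049Exposure | Format-List
```

A NeedsReview result of True is a prompt to confirm the cumulative update level, not a finding on its own.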

==========================================================
CERT-Renater reference server
https://services.renater.fr/ssi/
==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================