The vulnerability could allow remote code execution if an attacker sends a specially crafted HTTP request to an affected Windows system. All Windows servers 2008 R2 and 2012 are affected!
Windows Update seems to have done the trick automatically for my 2008 R2 servers but the 2012 servers are still affected after installing the latest updates.
How to check if you are affected?
If you have a Linux server lying around, type this command:
wget --header="Range: bytes=18-18446744073709551615" http://serverip/iis-85.png
Please note that if your server is affected, it will instantly get a blue screen and restart so be careful
In case you don’t have a linux server, you may be able to check if you are affected on this location: https://lab.xpaw.me/MS15-034/
Here’s the blue screen I got on an affected server after sending the invalid HTTP request:
How to patch?
Well, it’s pretty easy. You need to manually download the patch from Microsoft and install. A restart is reqiured.