CVE-2015-1635 - HTTP.sys Remote Code Execution Vulnerability (MS15 034)
Microsoft have reported a denial of service and possible remote code execution vulnerability in http.sys (Internet Information Server).
A patch was released on Tuesday April 14th as part of Microsoft's monthly patching round.
2.5.904 - 2.5.914
A patch has been released to fix this vulnerability on TPAM appliances. This patch can be downloaded from here
This OS Patch includes Microsoft update for MS015-034. A reboot is recommended after patch is successfully applied.