April 14, 2015, Microsoft announced a critical vulnerability for IIS in the MS15-034 bulletin. The latter is referenced under code CVE-2015-1635.
That allows?
The flaw would allow an attacker to run arbitrary code in the context of the system account. It would also allow a denial of service attack.
Since when does it exist?