If you’re using Apache 2.2.14 (or earlier) for your Web apps, experts recommend that you update immediately to Apache 2.2.15. That’s because the older versions contain a bug in the core “mod_isapi” module that could allow attackers to gain system access privileges.
“The vulnerability means that you can take complete control of the web server remotely with system privileges — which is the highest privilege on Windows,” said Sense of Security spokesperson Jason Edelstein. “An attacker could gain access to, modify and take away data.”
