This vulnerability was initially exploited as DoS but also has potential to be used as Remote Code Execution. Microsoft has already implemented a patch for the same.
All versions of windows
curl -v [ipaddress]/ -H "Host: test" -H "Range: bytes=0-18446744073709551615"
OR
wget -O /dev/null --header="Range: 0-18446744073709551615" http://[ip address]/
Test Fail: Machine Vulnerable : 416 HTTP ERROR
Test Pass: Machine Not Vulnerable : Any error or response other then 416 HTTP Error