IIS flaw under investigation by Microsoft | Tech News on ZDNet

Posted by in Computers, Internet, News, Operating Systems, Security, Viruses, Windows on Sep 1st, 2009 | 0 comments

Microsoft on Monday said it is looking into a report of a flaw in some versions of its Internet Information Services product that could allow an attacker to gain control of a system.

In a statement, a Microsoft representative said the company “is investigating new public claims of a possible vulnerability in IIS 5 and IIS 6 File Transfer Protocol (FTP)”.

Microsoft said it is not aware of any attacks using the vulnerability. “We will take steps to determine how customers can protect themselves, should we confirm the vulnerability.”

According to IDG News Service, code for exploiting the unpatched flaw was posted to the Milw0rm Web site. IDG said the exploit appears to affect primarily older versions of IIS — and only when the FTP function is enabled.

Once it is done with its investigation, Microsoft said, it will decide how to address the matter, which could include a security update as part of its monthly Patch Tuesday or an out-of-cycle update.

via IIS flaw under investigation by Microsoft | Tech News on ZDNet.

Share and Enjoy:
  • Print
  • Digg
  • del.icio.us
  • Facebook
  • Google Bookmarks
  • FriendFeed
  • MySpace
  • Ping.fm
  • Twitter
  • email
  • Suggest to Techmeme via Twitter
  • Technorati

Related posts:

  1. Microsoft and Yahoo Tie-Up
  2. Judge bans Microsoft Word sales – BBC News
  3. “Tories unveil NHS database plans” – BBC NEWS
  4. Facebook in challenge to Google – BBC News


Leave a Reply