Microsoft probes IIS server flaw
By Stuart Turton
Posted on 2 Sep 2009 at 08:41
Microsoft has confirmed it's investigating a critical vulnerability in Internet Information Services (IIS) server, after a hacker posted exploit code to the milw0rm.com site.
The exploit targets a flaw in the File Transfer Protocol (FTP) software used by IIS versions 5 and 6 to transfer large files. As Microsoft notes, this means that anybody running IIS 7 is safe.
The company was also keen to note that it is unaware of any active attacks, and that in order for an attack to be succesful users would have to enable anonymous write access to the FTP server - something disabled by default.
"Microsoft is currently working to develop a security update for this issue to address this vulnerability and will release it once it has reached an appropriate level of quality for broad distribution," says Microsoft in its security advisory.
The company did not say what form this update would take, though it could be released as part of this month's Patch Tuesday cycle, or released as an out-of-cycle update, though these are rare and usually restricted to flaws affecting the latest versions of Microsoft software.
From around the web
advertisement
- Chrome's shine getting lost in translation
- BytePac: the cardboard hard disk enclosure
- How tech loosens our grip on reality
- Hokum watch: Safer Internet Day
- Why I'm deleting Adobe from my PC
- Prepare to be patronised: it's Safer Internet Day
- Dear Sony, Samsung and every other tech company in the world: stop trying to be Apple
- Will Apple's Final Cut Pro X update placate the pros?
- Smartr Contacts for iPhone review
- Switching to Office 365's Outlook Web App
- Why virtualisation hasn't slowed the growth of data
- How to make Google AdWords work for your business
- The curse of sloppily written software
- Paying for your crimes with Bitcoin
- Behind the scenes: tech support for Formula 1
- The security risk of fat fingers
- Why Windows Phone 7 isn't quite ready for business
- When will Microsoft stop fiddling with Windows 8?
- Flash down the pan?
- Metro Style apps vs desktop applications
advertisement
Printed from www.pcpro.co.uk