Microsoft IIS Security Flaws Seeing More Activity in Attacks
Microsoft is warning admins that recent flaws uncovered in versions 5.0 and 6.0 of IIS (Internet Information Services) are seeing increased activity as vectors of attack. The holes are currently unpatched and is not part of the upcoming Patch Tuesday fix release.
Microsoft is warning admins that recent flaws uncovered in versions 5.0 and 6.0 of IIS (Internet Information Services) are seeing increased activity as vectors of attack. The holes are currently unpatched and is not part of the upcoming Patch Tuesday fix release.
"The initial vulnerability was not responsibly disclosed to Microsoft, which has led to limited, active attacks putting customers at risk," Microsoft said in a Thursday blog posting. Microsoft updated its security advisory on the issue late Thursday, saying it was starting to see "limited attacks that use this exploit code."