NEWS
Microsoft on Monday said it is looking into a report of a flaw in some versions of its Internet Information Services (IIS) product that could allow an attacker to gain control of a system.
In a statement, a Microsoft representative said the company "is investigating new public claims of a possible vulnerability in IIS 5 and IIS 6 File Transfer Protocol [FTP]".
Read this
A-Z of security
- A is for Antivirus
- B is for Botnets
- C is for CMA
- D is for DDoS
- E is for Extradition
- F is for Federated identity
- G is for Google
- H is for Hackers
- I is for IM
- J is for Jaschan(Sven)
- K is for Kids
- L is for Love Bug
- M is for Mircosoft
- N is for Neologisms
- O is for Orange
- P is for Passwords
- Q is for Questions
- R is for Rootkits
- S is for Spyware
- T is for Two-factor authentication
- U is for USB sticks/devices
- V is for Virus variants
- W is for wi-fi
- X is for OS X
- Y is for You
- Z is for Zero-day
Microsoft said it is not aware of any attacks using the vulnerability. "We will take steps to determine how customers can protect themselves, should we confirm the vulnerability," the company added.
Once it's done with its investigation, Microsoft said, it will decide how to address the matter, which could include a security update as part of its monthly Patch Tuesday or an out-of-cycle update.
In a posting on Monday, the US Computer Emergency Readiness Team (US-CERT) suggested IT administrators "disable anonymous write access to the FTP server to help mitigate the vulnerability" but added that "a proper impact analysis should be performed prior to taking defensive measures".
Comments
There is 1 comment. Join the discussion
1. anonymous
This should be a good improvement