Microsoft Investigates IIS Zero-Day Security Vulnerability

 
 
By Brian Prince  |  Posted 2009-08-31 Email Print this article Print
 
 
 
 
 
 
 

Microsoft is investigating reports of a vulnerability affecting Microsoft Internet Information Services' FTP module after exploited code surfaced on the Web. The vulnerability could be leveraged by an attacker to execute arbitrary code, officials at US-CERT warn.

Microsoft officials are investigating reports of a zero-day bug affecting Microsoft Internet Information Services in response to the appearance of exploit code on the Internet.

The exploit, which targets a FTP server remote stack overflow, was published Aug. 31 on Milw0rm.com. According to US-CERT, the vulnerability may allow a remote attacker to execute arbitrary code. The code is listed as working on IIS 5.0 and 6.0 on Windows 2000, and affects IIS 6.0 with stack cookie protection. 

"We're currently unaware of any attacks trying to use the claimed vulnerability or of customer impact," a Microsoft spokesperson said. "We will take steps to determine how customers can protect themselves should we confirm the vulnerability.

"Once we're done investigating, we will take appropriate action to help protect customers. This may include providing a security update through the monthly release process, an out-of-cycle update or additional guidance to help customers protect themselves."

US-CERT suggested administrators disable anonymous write access to the FTP server to mitigate the vulnerability. Before doing so, however, admins should perform a thorough impact analysis, US-CERT advised.

 
 
 
 
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
Thanks for your registration, follow us on our social networks to keep up-to-date
Rocket Fuel