Patch Unlikely for Widely Publicized Flaw in Microsoft IIS 6.0

  /     /     /  
Publicated : 22/11/2024   Category : security


Patch Unlikely for Widely Publicized Flaw in Microsoft IIS 6.0


Microsoft recommends upgrade to latest operating system for more protection.



A zero-day vulnerability in Microsofts IIS 6.0 Web server software remains unfixed even after two Chinese researchers recently posted a proof-of-concept exploit for it, Threatpost reports. Microsoft recommends that customers upgrade to our latest operating systems and benefit from robust, modern protection.
The flaw is a buffer overflow in the ScStoragePathFromUrl function in the WebDAV service which allows an arbitrary code to be remotely executed in a PROPFIND request using a long header beginning with If:
IIS, or Internet Information Services, currently supports 11.4% of websites behind Apache and Nginx. Among all IIS versions, 11.3% run version 6, and many websites still run on unsupported versions of the software, the report said.
Read details
here
.

Last News

▸ Researchers create BlackForest to gather, link threat data. ◂
Discovered: 23/12/2024
Category: security

▸ Travel agency fined £150,000 for breaking Data Protection Act. ◂
Discovered: 23/12/2024
Category: security

▸ 7 arrested, 3 more charged in StubHub cyber fraud ring. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Patch Unlikely for Widely Publicized Flaw in Microsoft IIS 6.0