Patch Unlikely for Widely Publicized Flaw in Microsoft IIS 6.0

Microsoft recommends upgrade to latest operating system for more protection.

A zero-day vulnerability in Microsofts IIS 6.0 Web server software remains unfixed even after two Chinese researchers recently posted a proof-of-concept exploit for it, Threatpost reports. Microsoft recommends that customers upgrade to our latest operating systems and benefit from robust, modern protection.
The flaw is a buffer overflow in the ScStoragePathFromUrl function in the WebDAV service which allows an arbitrary code to be remotely executed in a PROPFIND request using a long header beginning with If:
IIS, or Internet Information Services, currently supports 11.4% of websites behind Apache and Nginx. Among all IIS versions, 11.3% run version 6, and many websites still run on unsupported versions of the software, the report said.
Read details
here
.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Patch Unlikely for Widely Publicized Flaw in Microsoft IIS 6.0