- How to make new stuff from your piles of obsolete tech
- Why your computer sucks
- 10 recession-proof IT skills
- Juniper execs share network vision
- 9-year-old plots his fifth Microsoft certification
Microsoft Corp. last week disclosed that it is working to fix a bug in its popular Web server software , but observers say the patch is unlikely to be ready in time for Tuesday's regular monthly patch release.
Microsoft last Tuesday issued a formal security advisory for the vulnerability in three older versions of its Internet Information Services server, a day after the exploit code went public.
On Wednesday, it issued the advisory that the patch was in development.
As a result of the flaw, IIS's FTP server fails to properly parse specially crafted directory names, allowing hackers to force a stack buffer overflow and then inject malicious code onto the Web server.
In the short term, Microsoft urged administrators responsible for IIS 5.0, 5.1 and 6.0 Web servers to make one of several suggested defensive moves, any one of which will stymie the currently known exploits.
This version of the story originally appeared in Computerworld 's print edition.
Rss FeedRss Feed
The Leader in Network Knowledge
Comments (1)
NIKEBy Nikedunk on September 7, 2009, 2:13 amThank you for your sharing. You may be interested in Nike Dunk. Access http://www.nikesportmall.com to know more.
Reply | Read entire comment
View all comments