Vulnerability unpatched in Microsoft server product

Microsoft is investigating reports of an unpatched vulnerability in the company's Internet Information Services (IIS) server product.

The elevation...

Microsoft is investigating reports of an unpatched vulnerability in the company's Internet Information Services (IIS) server product.

The elevation of privilege vulnerability could allow a hacker to bypass some authentication controls, Microsoft said in a security advisory.

Microsoft said it is not aware of attacks using the vulnerability, but lists three configuration settings to help mitigate against a potential attack.

The company said it is working with its partners in the Microsoft Active Protections Program (MAPP) and the Microsoft Security Response Alliance (MSRA) program to provide information they can use to provide broader protections to customers.

Microsoft said after completing its investigation it will either provide an update as part of its monthly Patch Tuesday or release a fix outside of its monthly patching schedule.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more on Hackers and cybercrime prevention

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

  • Dissecting the Hack

    In this excerpt from chapter three of Dissecting the Hack: The V3RB0TEN Network, authors Jayson E. Street, Kristin Sims and Brian...

  • Digital Identity Management

    In this excerpt of Digital Identity Management, authors Maryline Laurent and Samia Bousefrane discuss principles of biometrics ...

  • Becoming a Global Chief Security Executive Officer

    In this excerpt of Becoming a Global Chief Security Executive Officer: A How to Guide for Next Generation Security Leaders, ...

SearchNetworking

SearchDataCenter

SearchDataManagement

Close