Tag Archives: Microsoft IIS 0-day

Microsoft IIS 0-Day

New vulnerability has been discovered by Soroush Dalili in the latest popular Microsoft web server IIS, the vulnerability allows an attacker to bypass the IIS security and execute remotely a malicious code on the system. According to the researcher the

Microsoft leaves patches surprise

Microsoft announced lately that it will release five critical updates for windows, but at this time Microsoft did not provide the technical details regarding the patch list like the previous one. However Andrew Storms nCircle’s Director of Security Operations, made

IIS exploit in-the-wild

Proof-of-concept code was posted on Monday that can lead to gain a full control over server running Microsoft IIS. This vulnerability can be serious for webmasters but the attack can only be successful against old versions of IIS (IIS5, IIS6).