Oxymoron of the day: Microsoft Innovation
|
|
|
Microsoft investigates an IIS flaw
SOFTWARE ALCHEMIST Microsoft said it is investigating claims that there is another flaw in its Internet Information Services (IIS) product that could allow an attacker to gain control of a system.
A spokesVole said that the company is looking into a possible vulnerability in IIS 5 and IIS 6 File Transfer Protocol (FTP) software after code for exploiting the unpatched flaw was posted to the Milw0rm website.
The Vole said it had not heard of anyone having been attacked using the vulnerability, however we guess that if the report is true it is only a matter of time.
According to CNET, the exploit appears to affect primarily older versions of IIS when the FTP function is enabled.
Problems with IIS are considered very important because it is the world's second most popular webserver next to the Apache HTTP Server. It serves roughly about a third of all websites. The latest version of IIS is 7.5, however there are lots of IIS 6 and even IIS 5 servers out there.
The US Computer Emergency Readiness Team (US-CERT) yesterday suggested that IT administrators ought to "disable anonymous write access to the FTP server to help mitigate the vulnerability". µ
Share this:
Share
Maybe instead of a press release every time another flaw is discovered in IIS, they should just release a stock ticker that continually spews out every new security issue. More efficient for all.
Dude, could you stop licking the windows for five minutes and start taking your medication again? What the hell did any of that even mean?
Had it been Apple's FTP server I'm sure Nicky "Not in Ballmer's pocket, honest gov" Ferret would have had an seizure of rage. I mean, implementing an FTP server that isn't a security disaster waiting to happen must be really hard, I mean the code base has only been around since 1970, there's no way they could have refined it to production code quality in that time.
Though to be fair to MS, if you enable write access for anonymous users of your server you're a fucking idiot.
Spare Software Programs have Largely Replaced Spare floppy files & Tonnes of RAW Guesswork that was Always Too everything. Only GOOD thing About OS?2 was connecting gozen modems & routers one night, on half dozen excursion into Damiens doamain.
NOW ITS' TODAY;EVERYday.IB2Mbs,WORLDEWIDE: EYE CH2 BROACAST MILATARYSlowercase service.
?NationWide, thats SOOoo Dweeb.
Forget IE8 Once gone, Forget Modem interconnect Once Its Become Unfriendly, Forget Gettting rid of Deep Probs whith expensive Scubs of Time & undocumented Software events, now Long gone to NeverLand.
Price Jocko of Huavanna has late date for NEW Software Change, Wise SeaMonkey & Ad Aware with occasional rotisiaree' of Rooters, How few are Mandatory.
TODAYS MICROSOFT PRODUCT BEATS Minnesota FatsBall & Makes Much HIGH SPEED Interconnects common as .10 Cent Phone Booth or Connect Rate. Get Y9ourK.dia, STOCKPILE UPDATES IN o/sfiling
Updates Is My Point & prize simplifity of giving up not as genuine by north korean as Asian: 7,With Deep Penetrating 5 HDD Black Armour,DEEP PARTITION DUKING 80+Mainboard by TM:anybudy.... Desk,Eat Micro, Eat 3IIpheNoN giga Breeze.... 10Tb of Theeee'. beats non delivery by BAD Mouth BUY: GET 266DDRII Solid & Cheap Performance (Ultee' 32 Beta I=- MicroS Views Perfect MIX./\. Installing Clients Sofware O?S In Hebrew IS Where Its AT today.
HEHEhe arrrrgggg & thers always Way.
Yes,Yes:FOUBLIN DATS PERFECT'MIX.
DRASHEK
"The US Computer Emergency Readiness Team (US-CERT) yesterday suggested that IT administrators ought to "disable anonymous write access to the FTP server to help mitigate the vulnerability"."
"To help mitigate" only moves the IIS flaw into other vulnerable areas which then offers enhanced attack possibilities elsewhere and spreads the infection.