Vulnerability found in Microsoft's IIS (Internet Information Server)!

Question

Major vulnerability found in Microsoft Web Server component (IIS)!

Answer

This question was answered on October 19, 2000. Much of the information contained herein may have changed since posting.

A major vulnerability has been found in Microsoft's Internet Information Server (IIS), the web server component included in the Windows NT and 2000 server editions. It could allow a malicious user to sabotage a victim's server via a web browser.

In a security alert issued late last night Microsoft warned: "This is a serious vulnerability, and Microsoft recommends that all customers using its IIS 4.0 or 5.0 take action immediately to protect their systems."

IIS is used by millions of web servers around the world, so this vulnerability should be a concern to webmasters using the Windows platform.

Microsoft said the flaw could allow a malicious user to execute code of their choice on a vulnerable web server. The type of code that could be run would be limited by the specific server configuration, but in most cases it would be possible for the malicious user to execute any code that an authenticated user could run.

"This would give him the ability to install and run code, add, change or delete files or web pages, or take other actions," said Microsoft.

Attackers could execute virtually any operating system command, and this would enable them to cause a wide range of damage. They could potentially create new files/pages on the server, delete ones that are already there, or reformat the entire hard drive.

"This isn't the worst he [a malicious user] could do," said Microsoft. "He wouldn't be limited to misusing code that already exists on the server. Access to the operating system commands would give him the vulnerability to upload code of his choice to the machine and execute it."

The "patch" for this vulnerability has actually been available since August. It was originally designed to fix another vulnerability, but it also closes the hole for this one. If you have the most recent patches for IIS on your web server, you are already protected. If you would like to get the latest IIS patches for both versions 4.0 and 5.0, go to:

http://www.microsoft.com/technet/security/bulletin/ms00-057.asp

Microsoft has quickly responded to this discovery and has posted the full technical details at:

http://www.microsoft.com/technet/security/bulletin/fq00-078.asp

Author

Posted by Ken of Data Doctors on October 19, 2000
