• Партнер

  • Security experts are warning of a highly critical new zero day vulnerability
    in Microsoft’s popular Internet Information Services (IIS) web server product
    which could allow hackers to bypass existing security measures and upload
    malicious code to any affected machine.

    Security researcher Soroush Dalili warned in a research note that the
    vulnerability affects IIS 6 and earlier versions, although IIS 7 has yet to be
    tested and version 7.5 is safe.

    “IIS can execute any extension as an Active Server Page or any other
    executable extension. For instance “malicious.asp;.jpg” is executed as an ASP
    file on the server,” he explained.

    Подписаться
    Уведомить о
    0 комментариев
    Межтекстовые Отзывы
    Посмотреть все комментарии