Microsoft Investigating Critical Security Flaw in IIS

 

By Posted 29 Dec 2009, 13:24

We have recently heard that Microsoft are investigating a security flaw in their popular Internet Information Services (IIS), it is thought that this particular flaw affects IIS 6 and earlier.

If you are using IIS 7.5 it is thought that you are safe, however we are not yet sure about IIS 7.

This particular vulnerability is said to allow “hackers to bypass existing security measures and upload malicious code to any affected machine”, from what we can see it seems that Microsoft are still investigating the problem, although independent experts seemed to have confirmed the problem.

If you are using IIS 6 I would recommend as always that you keep checking for critical updates, however if we hear details pinpointing a fix for the problem we will keep you informed, for more details check out V3.