X
Business
Home Business Tech Industry

MS posts fix for IIS security hole

Microsoft has posted a description and fix to prevent hackers causing Internet Information Server (IIS) to crash when they enter certain URLs.Part of the statement reads: "These types of Denial of Service issues are common on the Internet and could happen to any Web server.
Written by Martin Veitch, Contributor

Microsoft has posted a description and fix to prevent hackers causing Internet Information Server (IIS) to crash when they enter certain URLs.

Part of the statement reads: "These types of Denial of Service issues are common on the Internet and could happen to any Web server. However, this bug does not compromise sensitive data in any way. It forces IIS to become unavailable for a short time and is easily remedied by restarting the Web server... Microsoft takes issues like these very seriously and has responded rapidly by addressing the issue with a permanent fix that prohibits this specific type of attack and also records the IP address of the attacker in a log file... A malicious hacker could write a program to find the exact character sequence. A hacker simply can't publish a URL that would bring down an IIS server."

The bug was on reported on the Bugtraq mailing list for developers sharing data about security bugs in Unix and related operating environments.

Editorial standards
Show Comments

Related

logi-ai-prompt-builder-mx-setup

Logitech mouse and keyboard users are getting a free AI upgrade

Placeholder product image alt text

The best AI image generators to try right now

GOTRAX 4 electric scooter

The most charming projector I've tested has now replaced my TV for movie nights