Friday, 31 March 2017

WONTFIX: No patch for Windows Server 2003 IIS critical bug – Microsoft

Microsoft will not patch a critical security hole recently found and exploited in IIS 6 on Windows Server 2003 R2 – the operating system it stopped supporting roughly two years ago. The buffer overflow bug can be exploited to inject malicious code into a vulnerable machine and execute it, allowing an attacker to gain control of the computer. It requires WebDAV to be enabled. If you have such a machine exposed to or reachable from the internet, and you get hacked, maybe you deserve it.

View full story

ORIGINAL SOURCE: The Register

The post WONTFIX: No patch for Windows Server 2003 IIS critical bug – Microsoft appeared first on IT SECURITY GURU.



from WONTFIX: No patch for Windows Server 2003 IIS critical bug – Microsoft

No comments:

Post a Comment