Warning to All Site Administrators: Plug That Hole!

 
Jul 02, 2001
A series of reports have recently come out indicating that system administrators had better get proactive and begin responding more quickly to security alerts.

Robert Lemos has filed a special report with CNet News, relaying a warning to system administrators who have delayed patching the latest security hole in Microsoft's server software. Back in June, Microsoft announced that a flaw in the indexing component of its flagship Webserver software -- the Internet Information Service, or IIS -- could undermine the security of up to 6 million Internet sites, and released a patch for the flaw, along with a strongly worded advisory for Webserver administrators to apply it immediately. eEye Digital Security's chief hacking officer believes that at least one hacker group has already developed a tool to exploit the flaw.
Hackers Hoarding Code to Exploit Server Flaw (CNet News, June 22, 2001)

ZDNet UK's Wendy McAuliffe reports that hackers have been posting code, including a program that would give remote attackers complete control of vulnerable servers using Microsoft's server software, taking advantage of the IIS flaw. Some of these postings have been up for weeks without being noticed.
Hacker Posts Code to Exploit MS Bug (ZDNet IT Resource Centers, July 5, 2001)


Privacy | FAQ | Site Map | About | Guidelines | Contact | Advertising | What is ColdFusion?
House of Fusion | ColdFusion Jobs | Blog of Fusion | AHP Hosting