Microsoft Confirms IIS FTP Zero-Day Flaw

Microsoft late Tuesday confirmed the publication of exploit code for a serious code execution vulnerability in the File Transfer Protocol (FTP) Service in Microsoft Internet Information Services (IIS) 5.0, 5.1, and 6.0.
A security advisory from Redmond warned that the vulnerability could allow remote code execution on affected systems running the FTP service and connected to the Internet.  Read the advisory [microsoft.com]  See workaround information on the SR&D blog [technet.com]

Microsoft late Tuesday confirmed the publication of exploit code for a serious code execution vulnerability in the File Transfer Protocol (FTP) Service in Microsoft Internet Information Services (IIS) 5.0, 5.1, and 6.0.

A security advisory from Redmond warned that the vulnerability could allow remote code execution on affected systems running the FTP service and connected to the Internet.  Read the advisory [microsoft.com]  See workaround information on the SR&D blog [technet.com]

 

Suggested articles

biggest headlines 2020

The 5 Most-Wanted Threatpost Stories of 2020

A look back at what was hot with readers — offering a snapshot of the security stories that were most top-of-mind for security professionals and consumers throughout the year.