Microsoft warns of web server flaw

Microsoft is investigating a newly reported flaw that could put websites at risk of attack. The company has issued an advisory on the vulnerability, which affects Windows XP Professional SP2, Windows Server 2003, Windows Vista and Windows Server 2008. The problem exists in Windows' handling of code within its Internet Information Services (IIS) and SQL Server.

If exploited, the vulnerability could allow a user to elevate access privileges to that of the LocalSystem administration tool. Microsoft warned that companies that make extensive use of user-provided code, such as site hosts, are especially vulnerable.

View: The full story @ vnunet

Report a problem with article
Previous Story

Shrinking patch windows hit by automated attacks

Next Story

Windows XP Service Pack 3 Released to Manufacturing

14 Comments - Add comment