Microsoft: Cyber-crooks exploiting unpatched IIS bug

The flaw could allow an attacker to take control of an older ISS server or launch a DoS attack

Microsoft says that cyber-criminals are starting to exploit an unpatched bug in its IIS server software that was made public earlier this week.

The flaw can be exploited to let an attacker take control of an older IIS (Internet Information Services) 5.0 server running on Windows 2000, provided the hacker has some way of creating an FTP (File Transfer Protocol) directory on the server. Attack code that exploits the bug was posted Monday.

Other IIS users could also be hit with a denial of service (DoS) attack, thanks to a second attack, posted to the Milw0rm Web site on Thursday.

This new code could be used to launch a DoS attack against IIS 5.0, 5.1, 6.0 and 7.0, and could affect users running IIS on Windows XP and Windows Server 2003, Microsoft said. For the attack to work, however, the server needs to be running the FTP service, and the attacker must be able to read files on the system.

Microsoft updated its security advisory on the issue late Thursday, saying it was starting to see "limited attacks that use this exploit code."

That generally means that only a handful of attacks have been spotted. Other security vendors contacted Friday said they had not seen the IIS bug being used in attacks.

Microsoft will release its scheduled September security updates on Tuesday, but it is not expected to fix this bug until it has had more time to test and develop a patch. Microsoft was not notified of the bug until the attack code was made public on Monday.

"The initial vulnerability was not responsibly disclosed to Microsoft, which has led to limited, active attacks putting customers at risk," Microsoft said in a Thursday blog posting.

Microsoft didn't say whether the attacks it had seen involved installing malicious software on an IIS server or simply making it crash. The company did not respond to a request for more information on the subject.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags Microsoftcyber attacksFTPexploits and vulnerabilitiesiis

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Robert McMillan

IDG News Service
Show Comments

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Tom Pope

Dynabook Portégé X30L-G

Ultimately this laptop has achieved everything I would hope for in a laptop for work, while fitting that into a form factor and weight that is remarkable.

Ada Chan

Dynabook Portégé X30L-G

I highly recommend the Dynabook Portégé® X30L-G notebook for everyday business use, it is a benchmark setting notebook of its generation in the lightweight category.

Tom Sellers

MSI P65

This smart laptop was enjoyable to use and great to work on – creating content was super simple.

Lolita Wang

MSI GT76

It really doesn’t get more “gaming laptop” than this.

Jack Jeffries

MSI GS75

As the Maserati or BMW of laptops, it would fit perfectly in the hands of a professional needing firepower under the hood, sophistication and class on the surface, and gaming prowess (sports mode if you will) in between.

Taylor Carr

MSI PS63

The MSI PS63 is an amazing laptop and I would definitely consider buying one in the future.

Featured Content

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?