Microsoft Security Advisory 975191 Released ~ Security Garden

Wednesday, September 02, 2009

Microsoft Security Advisory 975191 Released

Microsoft is investigating new public reports of a vulnerability in the FTP Service in Microsoft Internet Information Services (IIS) 5.0, Microsoft Internet Information Services (IIS) 5.1, and Microsoft Internet Information Services (IIS) 6.0. The vulnerability could allow remote code execution on affected systems that are running the FTP service and are connected to the Internet.

According to the summary information provided, Microsoft is aware that detailed exploit code has been published on the Internet for this vulnerability but is not currently aware of active attacks that use this exploit code or of customer impact at this time. Active monitoring continues.

Windows Vista, Windows 7 and Windows Server 2008 are not affected. However, Microsoft Windows 2000 Service Pack 4, Windows XP, and Windows Server 2003 are impacted.

For additional details and workarounds, see the following:

TechNet: Microsoft Security Advisory (975191): Vulnerability in Internet Information Services FTP Service Could Allow for Remote Code Execution.
MSRC Blog, Microsoft Security Advisory 975191 Released
Security Research & Defense Blog: New vulnerability in IIS5 and IIS6.

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Welcome to the Security Garden, where everything is coming up roses.

The best way to protect your garden is to fence it in. The same applies to your computer.
Get computer security news and information, help, tips and more at the Security Garden.

Articles

My Garden Roots

Perennial Favorites

Article Categories

Wednesday, September 02, 2009