Security News > 2015 > April > Attackers actively downing Microsoft's IIS web servers (Help Net Security)
2015-04-17 13:41
Attackers are actively exploiting a DoS vulnerability (CVE-2015-1635) affecting Microsoft's Internet Information Services (IIS) extensible web server, SANS ISC CTO Johannes Ullrich warns, and urges ad...
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/V5F5yCeNjXY/secworld.php
Related news
- Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API (source)
- Microsoft: Outdated Exchange servers fail to auto-mitigate security bugs (source)
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)
- Microsoft 365 apps crash on Windows Server after Office update (source)
- 3 Actively Exploited Zero-Day Flaws Patched in Microsoft's Latest Security Update (source)
- FTC orders GoDaddy to fix poor web hosting security practices (source)
- Microsoft fixes Office 365 apps crashing on Windows Server systems (source)
- Microsoft fixes Windows Server 2022 bug breaking device boot (source)
- ‘Sneaky Log’ Microsoft Spoofing Scheme Sidesteps Two-Factor Security (source)
- Microsoft issues out-of-band fix for Windows Server 2022 NUMA glitch (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-04-14 | CVE-2015-1635 | Code Injection vulnerability in Microsoft products HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerability." | 0.0 |