Security News > 2015 > April > Attackers actively downing Microsoft's IIS web servers (Help Net Security)
2015-04-17 13:41
Attackers are actively exploiting a DoS vulnerability (CVE-2015-1635) affecting Microsoft's Internet Information Services (IIS) extensible web server, SANS ISC CTO Johannes Ullrich warns, and urges ad...
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/V5F5yCeNjXY/secworld.php
Related news
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)
- Hijacked Microsoft web domain injects spam into SharePoint servers (source)
- Attackers compromise IIS servers by leveraging exposed ASP.NET machine keys (source)
- Microsoft shares workaround for Windows security update issues (source)
- DragonRank Exploits IIS Servers with BadIIS Malware for SEO Fraud and Gambling Redirects (source)
- Microsoft fixes bug causing Windows Server 2025 boot errors (source)
- URGENT: Microsoft Patches 57 Security Flaws, Including 6 Actively Exploited Zero-Days (source)
- Patch Tuesday: Microsoft Fixes 57 Security Flaws – Including Active Zero-Days (source)
- Microsoft Exchange Online outage affects Outlook web users (source)
- AI agents swarm Microsoft Security Copilot (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-04-14 | CVE-2015-1635 | Code Injection vulnerability in Microsoft products HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerability." | 0.0 |