Security News > 2015 > April > Attackers actively downing Microsoft's IIS web servers (Help Net Security)
2015-04-17 13:41
Attackers are actively exploiting a DoS vulnerability (CVE-2015-1635) affecting Microsoft's Internet Information Services (IIS) extensible web server, SANS ISC CTO Johannes Ullrich warns, and urges ad...
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/V5F5yCeNjXY/secworld.php
Related news
- Microsoft overhauls security for publishing Edge extensions (source)
- Rackspace internal monitoring web servers hit by zero-day (source)
- Microsoft fixes Remote Desktop issues caused by Windows Server update (source)
- Microsoft Issues Security Update Fixing 118 Flaws, Two Actively Exploited in the Wild (source)
- Microsoft deprecates PPTP and L2TP VPN protocols in Windows Server (source)
- Week in review: Microsoft fixes two exploited zero-days, SOC teams are losing trust in security tools (source)
- Finland seizes servers of 'Sipultie' dark web drugs market (source)
- Microsoft warns it lost some customer's security logs for a month (source)
- Microsoft lost some customers’ cloud security logs (source)
- Ransomware hits web hosting servers via vulnerable CyberPanel instances (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-04-14 | CVE-2015-1635 | Code Injection vulnerability in Microsoft products HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerability." | 0.0 |