Security News > 2015 > April > Attackers actively downing Microsoft's IIS web servers (Help Net Security)
2015-04-17 13:41
Attackers are actively exploiting a DoS vulnerability (CVE-2015-1635) affecting Microsoft's Internet Information Services (IIS) extensible web server, SANS ISC CTO Johannes Ullrich warns, and urges ad...
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/V5F5yCeNjXY/secworld.php
Related news
- Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API (source)
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)
- Microsoft 365 outage takes down Office web apps, admin center (source)
- Apache fixes remote code execution bypass in Tomcat web server (source)
- Microsoft 365 apps crash on Windows Server after Office update (source)
- 3 Actively Exploited Zero-Day Flaws Patched in Microsoft's Latest Security Update (source)
- FTC orders GoDaddy to fix poor web hosting security practices (source)
- Microsoft fixes Office 365 apps crashing on Windows Server systems (source)
- Microsoft fixes Windows Server 2022 bug breaking device boot (source)
- ‘Sneaky Log’ Microsoft Spoofing Scheme Sidesteps Two-Factor Security (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-04-14 | CVE-2015-1635 | Code Injection vulnerability in Microsoft products HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerability." | 0.0 |