Security News > 2015 > April > Attackers actively downing Microsoft's IIS web servers (Help Net Security)
2015-04-17 13:41
Attackers are actively exploiting a DoS vulnerability (CVE-2015-1635) affecting Microsoft's Internet Information Services (IIS) extensible web server, SANS ISC CTO Johannes Ullrich warns, and urges ad...
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/V5F5yCeNjXY/secworld.php
Related news
- Microsoft fixes auth issues on Windows Server, Windows 11 24H2 (source)
- Google's got a hot cloud infosec startup, a new unified platform — and its eye on Microsoft's $20B+ security biz (source)
- Microsoft: Windows 'inetpub' folder created by security fix, don’t delete (source)
- Microsoft: Windows Server 2025 restarts break connectivity on some DCs (source)
- Widespread Microsoft Entra lockouts tied to new security feature rollout (source)
- Microsoft fixes Windows Server 2025 blue screen, install issues (source)
- Oh, cool. Microsoft melts bug that froze Server 2025 Remote Desktop sessions (source)
- Microsoft pitches pay-to-patch reboot reduction subscription for Windows Server 2025 (source)
- Microsoft fixes Outlook on the web search issues, failures (source)
- Microsoft: Windows Server hotpatching to require subscription (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-04-14 | CVE-2015-1635 | Code Injection vulnerability in Microsoft products HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerability." | 0.0 |