Security News > 2017 > March > Publicly Attacked Microsoft IIS Zero Day Unlikely to be Patched (Threatpost)

Publicly Attacked Microsoft IIS Zero Day Unlikely to be Patched (Threatpost)

2017-03-29 19:15

Researchers have disclosed a zero-day vulnerability and proof-of-concept exploit for a flaw in Microsoft IIS 6.0. The zero-day has been under attack since last July, the researchers said.

News URL

http://threatpost.com/publicly-attacked-microsoft-iis-zero-day-unlikely-to-be-patched/124641/

#IIS #microsoft #threatpost #zeroday

Related news

Microsoft October 2024 Patch Tuesday fixes 5 zero-days, 118 flaws (source)
Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572) (source)
Week in review: Microsoft fixes two exploited zero-days, SOC teams are losing trust in security tools (source)
Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 91 flaws (source)
Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws (source)
Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039) (source)
Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
Microsoft launches Zero Day Quest hacking event with $4 million in rewards (source)
Microsoft announces Zero Day Quest hacking event with big rewards (source)

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Microsoft		480	75	2308	5127	264	7774

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.