Web Analytics

Microsoft warns of web server flaw

News Add comments

Welcome to www.mintywhite.com! If you're new here, you may want to subscribe to the RSS feed.

Take a tour of www.Mintywhite.com

Thanks for visiting!

Microsoft is investigating a newly reported flaw that could put websites at risk of attack.

The company has issued an advisory on the vulnerability, which affects Windows XP Professional SP2, Windows Server 2003, Windows Vista and Windows Server 2008.

The problem exists in Windows’ handling of code within its Internet Information Services (IIS) and SQL Server.

If exploited, the vulnerability could allow a user to elevate access privileges to that of the LocalSystem administration tool.

Microsoft warned that companies that make extensive use of user-provided code, such as site hosts, are especially vulnerable.

Microsoft has yet to receive any reports of the vulnerability being targeted, but security experts have already warned of a possible attack.

“The vulnerability is limited to a local privilege escalation, but IIS’ susceptibility is concerning,” wrote McAfee researcher Karthik Raman.

“The web server is widely used on the internet, and is a top pick by web-hosting providers. We might see web-hosting providers targeted, and their clients’ websites breached.”

Microsoft is still investigating the reports and will make a decision on whether to issue a patch immediately or wait until its next scheduled security update on 13 May.

Source

One Response to “Microsoft warns of web server flaw”

  1. Web Hosting » Microsoft warns of web server flaw Says:

    [...] YoungCoders Computer Programmers Forum wrote an interesting post today on Microsoft warns of web server flawHere’s a quick excerpt“The web server is widely used on the internet, and is a top pick by web-hosting providers. We might see web-hosting providers targeted, and… [...]

Leave a Reply (Trackback URL)

© 2008 www.mintywhite.com