![]() |
![]() |
![]() |
Dennis Forbes' new IIS hole? A few days ago Dennis Forbes described strange behavior of his IIS install that was apparently from a virus or outright hack. Nobody seemed to have any information about it then. Saw this article today that gives a little bit more information:
Herbert Sitz
I hope my banks are safe.
hoser
A more detailed article from news.news.news.com.com.com:
Nate Silva
The full URL, for those who don't trust TinyURL:
Nate Silva
If http://www.microsoft.com/security/incident/download_ject.mspx is to be believed, this is caused by unpatched IIS boxs.
Matt T.
Well, I feel better now knowing that MS04-011 is to blame ... if there had been a new IIS-specific hole that I (and MS) wasn't aware of, that nightmare scenario I'd been looking for would've been a short time coming.
Greg Hurlman
Let me clarify that it wasn't my box that was compromised, and I wasn't being facetious when I claimed that it was a friend's (in fact it has been very frustrating because many of things that I would have checked I have been unable to - logs, ownerships and creation times of files, patch states, etc). It sounds that it is specifically a SSL exploit, apparently patched by the above mentioned fix. Note that in my other message I indicated that there are reports that Microsoft has had servers compromised.
Dennis Forbes
"If http://www.microsoft.com/security/incident/download_ject.mspx is to be believed, this is caused by unpatched IIS boxs."
Mr O
"Wouldn't it be ironic if going to their site to read about the virus, actually infects your computer with the virus."
5v3n
|