Tuesday, September 01, 2009

IIS Zero Day Exploit

Another Microsoft IIS Zero-day Exploit has been reported on InformationWeek. I'm not sure when will Microsoft patch this bug. Should the customer waits for their monthly updates or should they rush to release the patch, since the exploit code has been posted at wilw0rm and i believe in just a few hours, many people will use this code to conduct an attack to many IIS-based web servers.