Make Homepage | Add To Favorites | Print Page | Submit News | Feedback | Contact | 

Your Technical Computer Information Resource!  
     
  Technical Updates @ TACKtech Corp.  

06.09.2009 - MS09-020 - Important: Vulnerabilities in Internet Information Services (IIS) Could Allow Elevation of Privilege (970483)



View Microsoft related news. Bulletin Severity Rating:Important - This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Internet Information Services (IIS). The vulnerabilities could allow elevation of privilege if an attacker sent a specially crafted HTTP request to a Web site that requires authentication. These vulnerabilities allow an attacker to bypass the IIS configuration that specifies which type of authentication is allowed, but not the file system-based access control list (ACL) check that verifies whether a file is accessible by a given user. Successful exploitation of these vulnerabilities would still restrict the attacker to the permissions granted to the anonymous user account by the file system ACLs.

- View Microsoft Security Bulletin MS09-020
- View Microsoft Knowledge Base Article - 970483
- Visit Microsoft Corporation

NID: 28762 / Submitted by: The Zilla of Zuron
Categories: Microsoft
Most recent Microsoft related news.
MS17-013 - Critical: Security Update for Microsoft Graphics Component (4013075) - Version: 2.0
MS17-014 - Important: Security Update for Microsoft Office (4013241) - Version: 2.0
MS17-021 - Important: Security Update for Windows DirectShow (4010318) - Version: 2.0
MS16-037 - Critical: Cumulative Security Update for Internet Explorer (3148531) - Version: 2.0
MS17-013 - Critical: Security Update for Microsoft Graphics Component (4013075) - Version: 1.1
View archive of Microsoft related news.

Visit the TACKtech Shop
  Popular Tech News  
  Most Viewed News  
  Top Affiliates  
........