Make Homepage | Add To Favorites | Print Page | Submit News | Feedback | Contact | 

Your Technical Computer Information Resource!  
     
  Technical Updates @ TACKtech Corp.  

06.09.2009 - MS09-020 - Important: Vulnerabilities in Internet Information Services (IIS) Could Allow Elevation of Privilege (970483)



View Microsoft related news. Bulletin Severity Rating:Important - This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Internet Information Services (IIS). The vulnerabilities could allow elevation of privilege if an attacker sent a specially crafted HTTP request to a Web site that requires authentication. These vulnerabilities allow an attacker to bypass the IIS configuration that specifies which type of authentication is allowed, but not the file system-based access control list (ACL) check that verifies whether a file is accessible by a given user. Successful exploitation of these vulnerabilities would still restrict the attacker to the permissions granted to the anonymous user account by the file system ACLs.

- View Microsoft Security Bulletin MS09-020
- View Microsoft Knowledge Base Article - 970483
- Visit Microsoft Corporation

NID: 28762 / Submitted by: The Zilla of Zuron
Categories: Microsoft
Most recent Microsoft related news.
MS14-085 - Important: Vulnerability in Microsoft Graphics Component Could Allow Information Disclosure (3013126) - Version: 1.1
MS16-123 - Important: Security Update for Windows Kernel-Mode Drivers (3192892) - Version: 3.0
MS16-087 - Critical: Security Update for Windows Print Spooler Components (3170005) - Version: 2.0
MS16-095 - Critical: Cumulative Security Update for Internet Explorer (3177356) - Version: 3.0
MS16-039 - Critical: Security Update for Microsoft Graphics Component (3148522) - Version: 4.0
View archive of Microsoft related news.

Visit the TACKtech Shop
  Popular Tech News  
  Most Viewed News  
  Top Affiliates  
........