Make Homepage | Add To Favorites | Print Page | Submit News | Feedback | Contact | 

Your Technical Computer Information Resource!  
  Technical Updates @ TACKtech Corp.  

06.09.2009 - MS09-020 - Important: Vulnerabilities in Internet Information Services (IIS) Could Allow Elevation of Privilege (970483)

View Microsoft related news. Bulletin Severity Rating:Important - This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Internet Information Services (IIS). The vulnerabilities could allow elevation of privilege if an attacker sent a specially crafted HTTP request to a Web site that requires authentication. These vulnerabilities allow an attacker to bypass the IIS configuration that specifies which type of authentication is allowed, but not the file system-based access control list (ACL) check that verifies whether a file is accessible by a given user. Successful exploitation of these vulnerabilities would still restrict the attacker to the permissions granted to the anonymous user account by the file system ACLs.

- View Microsoft Security Bulletin MS09-020
- View Microsoft Knowledge Base Article - 970483
- Visit Microsoft Corporation

NID: 28762 / Submitted by: The Zilla of Zuron
Categories: Microsoft
Most recent Microsoft related news.
MS16-110 - Important: Security Update for Microsoft Windows (3178467) - Version: 1.1
MS16-121 - Critical: Security Update for Microsoft Office (3194063) - Version: 1.1
MS16-127 - Critical: Security Update for Adobe Flash Player (3194343) - Version: 1.0
MS16-123 - Important: Security Update for Windows Kernel-Mode Drivers (3192892) - Version: 1.1
MS16-101 - Important: Security Update for Windows Authentication Methods (3178465) - Version: 2.0
View archive of Microsoft related news.

Visit the TACKtech Shop
  Popular Tech News  
  Most Viewed News  
  Top Affiliates