Make Homepage | Add To Favorites | Print Page | Submit News | Feedback | Contact | 

Your Technical Computer Information Resource!  
     
  Technical Updates @ TACKtech Corp.  

06.09.2009 - MS09-020 - Important: Vulnerabilities in Internet Information Services (IIS) Could Allow Elevation of Privilege (970483)



View Microsoft related news. Bulletin Severity Rating:Important - This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Internet Information Services (IIS). The vulnerabilities could allow elevation of privilege if an attacker sent a specially crafted HTTP request to a Web site that requires authentication. These vulnerabilities allow an attacker to bypass the IIS configuration that specifies which type of authentication is allowed, but not the file system-based access control list (ACL) check that verifies whether a file is accessible by a given user. Successful exploitation of these vulnerabilities would still restrict the attacker to the permissions granted to the anonymous user account by the file system ACLs.

- View Microsoft Security Bulletin MS09-020
- View Microsoft Knowledge Base Article - 970483
- Visit Microsoft Corporation

NID: 28762 / Submitted by: The Zilla of Zuron
Categories: Microsoft
Most recent Microsoft related news.
MS17-002 - Important: Security Update for Microsoft Office (3214291) - Version: 1.1
MS17-001 - Important: Security Update for Microsoft Edge (3214288) - Version: 1.0
MS17-004 - Important: Security Update for Local Security Authority Subsystem Service (3216771) - Version: 1.0
MS17-003 - Critical: Security Update for Adobe Flash Player (3214628) - Version: 1.0
MS16-002 - Critical: Security Update for Microsoft Office (3214291) - Version: 1.0
View archive of Microsoft related news.

Visit the TACKtech Shop
  Popular Tech News  
  Most Viewed News  
  Top Affiliates  
........