LT Panel
RT Panel
Friday | December 9, 2016
Popular Review Links:
Zero day vulnerability in IIS

Zero day vulnerability in IIS

Product image

During the Christmas holiday period reports were logged that a zero day vulnerability affected Microsoft Internet Information Services (IIS). Microsoft are taking the matter seriously and their reports show that only specific configurations of IIS are in fact vulnerable to these attacks.

Security firm Secunia reported that the vulnerability is caused by the web server “incorrectly executing ASP code included in a file having multiple extensions separated by ‘;’. This can be exploited to upload and execute ASP code via a third party application using file extensions to restrict uploaded file types. The issue is that IIS can then execute any extension as an Active Server page and many file uploader packages protect the system by checking only the file extension.

About Author

Stuart Davidson

It appears you have AdBlocking activated

Unfortunately AdBlockers interfere with the shopping cart process

To continue with the payment process can we ask you to

deactivate your AdBlocking plugin

or to whitelist this site. Then refresh the page

We thank you for your understanding


Hardwareheaven respect you right to employ plugins such as AdBlocker.
We would however ask you to consider whitelisting this site
We do not allow intrusive advertising and all our sponsors supply items
relevant to the content on the site.

Hardwareheaven Webmaster