Security researchers have discovered a new security flaw in the Internet Information Services 6.0 (IIS) web server component of the Windows Server 2003 R2 operating system. The vulnerability is said to affect over 60,000 servers running on the OS and is being actively exploited in the wild.
Edward Z, the researcher who discovered the flaw has published a Python based proof-of-concept of the exploit on his GitHub. According to the information provided, attackers can create a PROPFIND request with a long header to cause a buffer overflow in IIS' WebDAV component.
It has also been revealed that the vulnerability was exploited in July or August 2016. Trend Micro has recommended disabling the WebDAV component from the IIS Configuration Manager if you happen to be running a Windows Server 2003 R2 instance.
Unlike recent vulnerabilities found in Windows 10, this one won't be fixed, as the server operating system, which was launched in 2005 reached its end-of-life in 2010, with extended support ending in 2015. There won't be any official patches coming from Microsoft and it is recommended to upgrade to one of the currently supported version of the OS.
Source: GitHub via Help Net Security
Thanks for the tip Mirko
24 Comments - Add comment