Microsoft web server files open to hacking

Microsoft has warned about a bug that allows attackers to snoop on password-protected files on servers.

Microsoft is investigating reports of a vulnerability in its popular web server Internet Information Services (IIS), which could allow an attacker to access password-protected files.

In its advisory, Microsoft said that "an elevation of privilege vulnerability exists in the way that the WebDAV extension for IIS handles HTTP requests".

Microsoft said it was investigating public reports of the problem, but so far wasn't aware of attacks that tried to use the vulnerability or of any customer impact.

The United States Computer Emergency Readiness Team (US-CERT) said it was already aware of publicly available exploit code and active exploitation of the flaw.

Security researcher Nikolaos Rangos said exploitation of the flaw could allow an attacker to get into password-protected folders, and to list, download and upload files in a password-protected WebDAV folder.

Security engineer Thierry Zoller has more details on the vulnerability, and warned that until the impact was 100 per cent clear, administrators should disable WebDAV.

Last year, Microsoft denied there was any vulnerability in IIS after a massive SQL injection attack had affected hundreds of thousands of web pages.
