{"id":2551,"date":"2017-03-30T01:09:00","date_gmt":"2017-03-29T23:09:00","guid":{"rendered":"http:\/\/borncity.com\/win\/?p=2551"},"modified":"2021-12-31T10:06:28","modified_gmt":"2021-12-31T09:06:28","slug":"windows-iis-6-0-zero-day-vulnerability-is-under-attacks-since-july-2016","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2017\/03\/30\/windows-iis-6-0-zero-day-vulnerability-is-under-attacks-since-july-2016\/","title":{"rendered":"Windows IIS 6.0 Zero Day Vulnerability is under attacks since July 2016"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline\" src=\"http:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2015\/01\/Schutz.jpg\" width=\"40\" align=\"left\" height=\"47\">Windows comes with Internet Information Services (IIS). A zero day vulnerability has been used since July 2016 to attack and compromise IIS 6.0 and take over Windows servers.<\/p>\n<p><!--more--><\/p>\n<p>The zero-day vulnerability was discovered by two Chinese researchers from the Information Security Lab &amp; School of Computer Science &amp; Engineering, South China University of Technology Guangzhou, China. A Buffer overflow in the <em>ScStoragePathFromUrl<\/em> function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header. <\/p>\n<p>The vulnerability affects only IIS 6.0, released in November 2010, and shipped with Windows Server 2003 and Windows XP Professional x64 Edition. The two researchers has published proof-of-concept exploit code <a href=\"https:\/\/web.archive.org\/web\/20211207140458\/https:\/\/github.com\/edwardz246003\/IIS_exploit\" target=\"_blank\" rel=\"noopener\">on GitHub<\/a> a few days ago, after Microsoft acknowledged the flaw. Microsoft said it couldn't patch this vulnerability, because the product has reached end of life (EOL) and no more updates are shipped. Further details may be found also <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/new-iis-6-0-zero-day-exploited-in-live-attacks-since-july-2016\/\" target=\"_blank\" rel=\"noopener\">at bleepingcomputer.com<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Windows comes with Internet Information Services (IIS). A zero day vulnerability has been used since July 2016 to attack and compromise IIS 6.0 and take over Windows servers.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580,2],"tags":[731,69,194],"class_list":["post-2551","post","type-post","status-publish","format-standard","hentry","category-security","category-windows","tag-iis-6-0","tag-security","tag-windows"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/2551","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=2551"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/2551\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=2551"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=2551"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=2551"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}