Microsoft Security Advisory 975191 - Warns of FTP service vulnerability in IIS

Microsoft Security Advisory 975191 provide customer guidance and protection from a vulnerability that could allow remote code execution on affected systems running the FTP service in Microsoft Internet Information Services (IIS) 5.0, 5.1 and 6.0, and connected to the Internet on PCs running Windows 2000, Windows XP, and Windows Server 2003. “While we’ve seen detailed exploit code published […]

Microsoft Security Advisory 975191 provide customer guidance and protection from a vulnerability that could allow remote code execution on affected systems running the FTP service in Microsoft Internet Information Services (IIS) 5.0, 5.1 and 6.0, and connected to the Internet on PCs running Windows 2000, Windows XP, and Windows Server 2003. “While we’ve seen detailed exploit code published on the Internet for this vulnerability, we’re not currently aware of active attacks that use this exploit code or of customer impact. We’re currently investigating the issue as part of our Software Security Incident Response Process (SSIRP) and working to develop a security update,” MSRC. Microsoft recommends customers review and implement the workarounds provided in the KB975191 under the Workaround section.